Lucene search
K

7019 matches found

CVE
CVE
added 2026/06/28 1:32 a.m.36 views

CVE-2026-58051

CVE-2026-58051 affects libssh2 up to version 1.11.1. The vulnerability arises because libssh2 grows its publickey list using SSH2_REALLOC but does not zero-initialize the newly allocated entries before parsing populates them. If parsing fails and the code path cleans up, libssh2_publickey_list_fr...

8.3CVSS5.8AI score0.0028EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.11 views

PT-2026-53102

Name of the Vulnerable Software and Affected Versions xiaozhi-esp32 versions prior to 2.2.7 Description A weakness in the MCP Response Handler component allows for improper synchronization. This issue occurs within the ParseMessage function located in the main/mcp server.cc file. Remote...

3.1CVSS5.7AI score0.00228EPSS
Exploits0References12
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:5 a.m.9 views

libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.

...

6.9CVSS5.8AI score0.00102EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/26 9:31 p.m.9 views

CVE-2026-57234

A flaw was found in Nokogiri, an XML and HTML library for Ruby. The NONET parse option, intended to prevent external resource fetching, was not correctly enforced in the JRuby implementation of Nokogiri::XML::Schema. This oversight could allow a specially crafted XML schema to fetch external...

4.8CVSS5.6AI score0.00166EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 9:16 p.m.8 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

7.5CVSS0.00446EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 12:32 a.m.4 views

EUVD-2021-34853

Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with write access. No releases were published with these tags; a project was exposed only if it define...

7.7CVSS5.9AI score0.0012EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 12:32 a.m.7 views

EUVD-2021-34852

Parse Server before 4.10.0 contains a supply chain vulnerability where incorrect version tags were pushed to the repository linking to unreviewed code in a personal fork. Attackers could exploit this by specifying affected version tags in dependency declarations to execute unreviewed and...

7.7CVSS6AI score0.0012EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.5 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.24 views

PT-2026-52968

Name of the Vulnerable Software and Affected Versions relibc affected versions not specified Description A Denial of Service DoS issue exists in the parse month function located in /time/strptime.rs. An attacker can cause the system to crash by providing a specially crafted input. This issue is...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.23 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

0.00446EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 10:16 p.m.9 views

CVE-2021-47987

Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with write access. No releases were published with these tags; a project was exposed only if it define...

7.7CVSS0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 9:41 p.m.18 views

CVE-2021-47987 Parse Server - Arbitrary Code Execution via Malicious Version Tags

Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with write access. No releases were published with these tags; a project was exposed only if it define...

7.7CVSS0.0012EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 9:41 p.m.11 views

CVE-2021-47987

Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with write access. No releases were published with these tags; a project was exposed only if it define...

7.7CVSS5.9AI score0.0012EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 9:41 p.m.11 views

CVE-2021-47987

Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository, pointing to an unreviewed personal fork with write access. No releases were published with these tags; a project exposing a vulnerability would require a git-...

7.7CVSS5.9AI score0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 9:41 p.m.19 views

CVE-2021-47986 Parse Server - Unreviewed Code Execution via Malicious Version Tags

Parse Server before 4.10.0 contains a supply chain vulnerability where incorrect version tags were pushed to the repository linking to unreviewed code in a personal fork. Attackers could exploit this by specifying affected version tags in dependency declarations to execute unreviewed and...

7.7CVSS0.0012EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 9:41 p.m.11 views

CVE-2021-47986

Parse Server exposes a supply-chain vulnerability affecting all versions before 4.10.0 where incorrect version tags were pushed to the repository, linking to unreviewed code in a personal fork. Attackers could specify affected version tags in dependency declarations to execute unreviewed and pote...

7.7CVSS6AI score0.0012EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53268

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrackirc: fix possible out-of-bounds read When parsing fails after we've matched the command string we should bail out instead of trying to match a different command. This helper should be deprecated, given...

8.2CVSS0.00364EPSS
Exploits0References8
NVD
NVD
added 2026/06/25 9:16 a.m.10 views

CVE-2026-53245

In the Linux kernel, the following vulnerability has been resolved: net/802/mrp: fix vector attribute parsing in mrppduparsevecattr In mrppduparsevecattr, vector attribute events are encoded three per byte and valen tracks the number of events left to process. The parser decrements valen after...

0.00184EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/25 9:3 a.m.4 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS6.8AI score0.01945EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53275

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Fix use-after-free when processing MLD queries When processing an MLD query, a pointer to the multicast group address is retrieved when initially parsing the packet. This pointer is later dereferenced without being...

5.7AI score0.00252EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder