1277 matches found

CVE
added 2026/03/13 5:19 p.m., 24 views

CVE-2026-29079

Lexbor (web browser engine library) before version 2.7.0 contains a type-confusion vulnerability in its HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor, and the comment’s data are written into the element’s fields via an unsafe cast, corrupting ...

CVSS 8.2, AI score 5.8, EPSS 0.00263
Exploits 0, References 1, Affected Software 1

OSV
added 2026/03/13 5:19 p.m., 5 views

CVE-2026-29079 Type Confusion in Lexbor Fragment Parser

Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...

CVSS 8.2, AI score 5.8, EPSS 0.00263
Exploits 0, References 3

Debian CVE
added 2026/03/13 5:19 p.m., 3 views

CVE-2026-29079

Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...

CVSS 8.2, AI score 5.3, EPSS 0.00263
Exploits 0

AlpineLinux
added 2026/03/13 5:19 p.m., 2 views

CVE-2026-29079

Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...

CVSS 8.2, AI score 5.8, EPSS 0.00263
Exploits 0, References 1

RedHat Linux
added 2026/03/11 1:14 a.m., 6 views

kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()

In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr(). There exists a kernel oops caused by a BUG_ON(nhead INT_MAX), i.e. (int)skb_headroom(skb) + len_delta skb_headroom(skb) is meant to ensure that delta = headroom - skb_headroom(skb) is...

CVSS 5.5, AI score 5.7, EPSS 0.00114
Exploits 0, References 5

OSV
added 2026/03/11 12:18 a.m., 2 views

GHSA-6457-6JRX-69CR Sequelize v6 Vulnerable to SQL Injection via JSON Column Cast Type

Summary: SQL injection via unescaped cast type in JSON/JSONB where clause processing. The traverseJSON function splits JSON path keys on :: to extract a cast type, which is interpolated raw into CAST... AS SQL. An attacker who controls JSON object keys can inject arbitrary SQL and exfiltrate data...

CVSS 7.5, AI score 6.1, EPSS 0.00422
Exploits 2, References 3

EUVD
added 2026/03/11 12:18 a.m., 2 views

EUVD-2026-10871

Sequelize v6 Vulnerable to SQL Injection via JSON Column Cast Type...

CVSS 7.5, AI score 5.8, EPSS 0.00422
Exploits 2, References 2

Github Security Blog
added 2026/03/11 12:18 a.m., 13 views

Sequelize v6 Vulnerable to SQL Injection via JSON Column Cast Type

Summary: SQL injection via unescaped cast type in JSON/JSONB where clause processing. The traverseJSON function splits JSON path keys on :: to extract a cast type, which is interpolated raw into CAST... AS SQL. An attacker who controls JSON object keys can inject arbitrary SQL and exfiltrate data...

CVSS 7.5, AI score 6, EPSS 0.00422
Exploits 2, References 3, Affected Software 1

Tenable Nessus
added 2026/03/11 12:00 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-30951

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The traverseJSON functio...

CVSS 7.5, AI score 6, EPSS 0.00422
Exploits 2, References 2

NVD
added 2026/03/10 9:16 p.m., 4 views

CVE-2026-30951

Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The traverseJSON function splits JSON path keys on :: to extract a cast type, which is interpolated raw into CAST... AS SQL. An attacker who controls JSON object...

CVSS 7.5, EPSS 0.00422
Exploits 2, References 5

OSV
added 2026/03/10 8:22 p.m., 6 views

CVE-2026-30951 Sequelize v6 Vulnerable to SQL Injection via JSON Column Cast Type

Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The traverseJSON function splits JSON path keys on :: to extract a cast type, which is interpolated raw into CAST... AS SQL. An attacker who controls JSON object...

CVSS 7.5, AI score 5.9, EPSS 0.00422
Exploits 2, References 3

CVE
added 2026/03/10 8:22 p.m., 16 views

CVE-2026-30951

CVE-2026-30951 affects Sequelize (Node.js ORM). Prior to version 6.37.8, JSON/JSONB where-clause processing can interpolate an unescaped cast type via _traverseJSON(), inserting CAST(... AS ) with attacker-controlled JSON keys, enabling arbitrary SQL and data exfiltration from any table. The vuln...

CVSS 7.5, AI score 5.9, EPSS 0.00422
Exploits 2, References 5, Affected Software 1

Vulnrichment
added 2026/03/10 8:22 p.m., 3 views

CVE-2026-30951 SQL Injection via JSON Column Cast Type in Sequelize v6

Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The traverseJSON function splits JSON path keys on :: to extract a cast type, which is interpolated raw into CAST... AS SQL. An attacker who controls JSON object...

CVSS 7.5, AI score 5.9, EPSS 0.00422
Exploits 2, References 1

ATTACKERKB
added 2026/03/10 8:22 p.m., 2 views

CVE-2026-30951

Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The traverseJSON function splits JSON path keys on :: to extract a cast type, which is interpolated raw into CAST... AS SQL. An attacker who controls JSON object...

CVSS 7.5, AI score 5.9, EPSS 0.00422
Exploits 2, References 2, Affected Software 1

Cvelist
added 2026/03/10 8:22 p.m., 25 views

CVE-2026-30951 Sequelize v6 Vulnerable to SQL Injection via JSON Column Cast Type

Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The traverseJSON function splits JSON path keys on :: to extract a cast type, which is interpolated raw into CAST... AS SQL. An attacker who controls JSON object...

CVSS 7.5, EPSS 0.00422
Exploits 2, References 1

Positive Technologies
added 2026/03/10 12:00 a.m., 14 views

PT-2026-24433

Name of the Vulnerable Software and Affected Versions: Sequelize versions prior to 6.37.8. Description: Sequelize, a Node.js ORM tool, contains a SQL injection flaw due to unescaped cast type handling within JSON/JSONB where clause processing. The traverseJSON function splits JSON path keys using ':...

CVSS 7.8, AI score 5.9, EPSS 0.00422
Exploits 2, References 9

vulnersOsv
added 2026/03/03 5:59 p.m., 7 views

alertwise (=1.0.0), cjkcms-seo (=2.4.0) +18 more potentially affected by CVE-2026-28223 via wagtail (>=6.0.0 <=6.3.1)

wagtail PYPI version =6.0.0, =6.0.0, =2.1.0, =0.1.1, =1.9.0, =2.8.0, =0.0.9, =0.14.0, =0.6.0, =0.7.0 - wagtail-sb-codefield =0.4.0 - wagtail-sb-fontawesome =0.3.0 and more. Source cves: CVE-2026-28223. Source advisory: SNYK:PYTHON-WAGTAIL-15371182...

CVSS 6.1, AI score 5.7, EPSS 0.00459
Exploits 0

Github Security Blog
added 2026/02/24 3:45 p.m., 8 views

ImageMagick: Integer overflow or wraparound and incorrect conversion between numeric types in the internal SVG decoder

A crafted SVG file can cause a denial of service. An off-by-one boundary check (instead of =) allows bypassing the guard and reaching an undefined size_t cast...

CVSS 7.5, AI score 5.4, EPSS 0.00594
Exploits 0, References 5, Affected Software 19

Snyk
added 2026/02/24 1:50 a.m., 5 views

Off-by-one Error

Overview: Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET build that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs. Affected versions of this...

CVSS 8.7, AI score 5.6, EPSS 0.00594
Exploits 0, References 2

Snyk
added 2026/02/24 1:50 a.m., 4 views

Off-by-one Error

Overview: Magick.NET-Q16-HDRI-arm64 is a Magick.NET build that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs. Affected versions of this package a...

CVSS 8.7, AI score 5.6, EPSS 0.00594
Exploits 0, References 2