Lucene search
K

27 matches found

Cvelist
Cvelist
added 6 days ago22 views

CVE-2026-54888 Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex

Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, exdocumenttocomrakast and comrakasttoexdocument, in the NI...

6.9CVSS0.00168EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A problem with lowering/register allocation could lead to obscure but deterministic register confusion failures in JITted code, which could result in a potentially exploitable crash. This vulnerability affects Firefox 91 and Thunderbird 91...

8.8CVSS7.6AI score0.01004EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.9 views

CVE-2026-37221

FlexRIC v2.0.0 crashes when receiving a RICSUBSCRIPTIONRESPONSE with an unknown ricid that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged...

7.5CVSS5.5AI score0.00347EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/06/05 12:12 p.m.8 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.01272EPSS
Exploits0References44
EUVD
EUVD
added 2026/05/04 6:10 p.m.9 views

EUVD-2026-27115

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number...

3.7CVSS6.1AI score0.00415EPSS
Exploits0References1
OSV
OSV
added 2026/03/30 4:16 p.m.3 views

ALPINE-CVE-2026-21712

A flaw in Node.js URL processing causes an assertion failure in native code when url.format is called with a malformed internationalized domain name IDN containing invalid characters, crashing the Node.js process...

5.7CVSS6.2AI score0.00325EPSS
Exploits0References1
CVE
CVE
added 2026/03/30 3:13 p.m.16 views

CVE-2026-21712

CVE-2026-21712 affects the Node.js package nodejs24 for versions less than 24.14.1-1 . The issue is a flaw in Node.js URL processing that triggers an assertion failure in native code when url.format() is called with a malformed internationalized domain name (IDN) containing invalid characters, cr...

5.7CVSS6.2AI score0.00325EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.10 views

CVE-2021-41200

TensorFlow is an open source platform for machine learning. In affected versions if tf.summary.createfilewriter is called with non-scalar arguments code crashes due to a CHECK-fail. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...

5.5CVSS6.8AI score0.0023EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-13206

Malware in sbrugna...

9.8CVSS9.2AI score0.01679EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2933

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01784EPSS
Exploits1References5
NVD
NVD
added 2025/07/03 9:15 a.m.8 views

CVE-2025-38117

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmtpending list with its own lock This uses a mutex to protect from concurrent access of mgmtpending list which can cause crashes like: ==================================================================...

7.8CVSS0.00151EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 7:38 p.m.9 views

CVE-2021-29981

An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash. This vulnerability affects Firefox 91 and Thunderbird 91...

8.8CVSS6.3AI score0.01004EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/27 2:12 a.m.9 views

CVE-2024-58013 Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in...

7.1AI score0.00203EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/08 12:0 a.m.3 views

Hoppscotch 安全漏洞

Hoppscotch is an open source Api development ecosystem. A security vulnerability exists in Hoppscotch versions prior to 0.8.0. An attacker exploited the vulnerability to cause the code to crash...

8.3CVSS8AI score0.00611EPSS
Exploits0References4
Snyk
Snyk
added 2023/06/14 12:0 a.m.8 views

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET source generator for P/Invokes that can lead to generated code freeing uninitialized memory and crashing. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-arm64 to version...

7.3CVSS7.6AI score0.00999EPSS
Exploits0References2
OSV
OSV
added 2022/11/02 2:15 p.m.3 views

UBUNTU-CVE-2022-43241

Libde265 v1.0.8 was discovered to contain an unknown crash via ffhevcputhevcqpelv38sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

6.5CVSS7.1AI score0.00844EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/05/01 3:25 p.m.39 views

CVE-2022-21144 Denial of Service (DoS)

This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash...

7.5CVSS7.8AI score0.01784EPSS
Exploits1References3
CVE
CVE
added 2022/05/01 3:25 p.m.82 views

CVE-2022-21144

Summary: CVE-2022-21144 affects all versions of the libxmljs package. The issue occurs when libxmljs.parseXml is called with a non-buffer argument, causing the V8 engine to invoke the argument’s toString method; if toString is not a Function, V8 will crash, leading to a potential denial of servic...

7.5CVSS7.5AI score0.01784EPSS
Exploits1References3Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2021/01/22 12:0 a.m.50 views

Security update for ImageMagick (moderate)

openSUSE Security Update: Security update for ImageMagick Announcement ID: openSUSE-SU-2021:0136-1 Rating: moderate References: 1179103 1179202 1179208 1179212 1179221 1179223 1179240 1179244 1179260 1179268 1179269 1179276 1179278 1179281 1179285 1179311 1179312 1179313 1179315 1179317 1179321...

7.8CVSS6.5AI score0.0703EPSS
Exploits27References35
0day.today
0day.today
added 2019/01/02 12:0 a.m.28 views

NetworkSleuth 3.0.0.0 - Key Denial of Service Exploit

Exploit Title: NetworkSleuth 3.0.0.0 - 'Key' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: www.nsauditor.com Software Link : http://www.nsauditor.com/downloads/networksleuthsetup.exe Tested Version: 3.0.0.0 Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows...

0.1AI score
Exploits0
Rows per page
Query Builder