Lucene search
+L

3712 matches found

Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Oracle Linux 8 : libreoffice (ELSA-2026-35839)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-35839 advisory. - Fix CVE-2026-8357 buffer overflow in Calc formula compiler with formulas composed entirely of open tokens Tenable has extracted the preceding description blo...

7.8CVSS7.6AI score0.00139EPSS
Exploits0References2
OSV
OSV
added 5 days ago5 views

JLSEC-2026-688 Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into...

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks...

1CVSS6.1AI score0.00129EPSS
Exploits0References3
OSV
OSV
added 5 days ago3 views

CVE-2026-46633 Twig: PHP code injection via `{% use %}` template name

Twig is a template language for PHP. Prior to 3.26.0, Compiler::string does not escape single quotes when a template name from a % use % tag is placed inside a PHP single-quoted string literal, allowing a crafted template name to terminate the string and inject arbitrary PHP expressions into the...

8.7CVSS6.2AI score0.00642EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 5 days ago3 views

Security Bulletin: IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service (CVE-2026-7771)

Summary IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service. Vulnerability Details CVEID:CVE-2026-7771 DESCRIPTION: IBM Db2 is vulnerable to a trap when compiling a specially crafted statements containing subqueries...

5.5CVSS6.1AI score0.00148EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/07/09 4:16 p.m.5 views

CVE-2025-58151

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The...

9.4CVSS0.0012EPSS
Exploits0References3
CVE
CVE
added 2026/07/09 2:45 p.m.18 views

CVE-2025-58151

CVE-2025-58151 affects varstored, a Xen/Xapi component that handles UEFI variables and maps guest memory to OVMF. The vulnerability arises from TOCTOU due to insufficient compiler barriers in the shared buffer, with exploitation depending on compiler-generated code, and the attacker potentially c...

9.4CVSS6.2AI score0.0012EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/08 5:30 a.m.7 views

CVE-2026-55574

A flaw was found in vLLM, a high-throughput and memory-efficient inference and serving engine for large language models LLMs. A remote attacker could exploit this vulnerability by providing a specially crafted regular expression to the structuredoutputs.regex API parameter. This adversarial regex...

8.7CVSS5.9AI score0.00324EPSS
Exploits0References6
PyPA
PyPA
added 2026/07/06 9:16 p.m.4 views

PYSEC-2026-2304

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, the structuredoutputs.regex API parameter passes a user-supplied regular expression string directly to the grammar compiler backends with no compilation timeout; in the xgrammar backend the stri...

8.7CVSS6.1AI score0.00324EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:5 p.m.6 views

CVE-2026-55574

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, the structuredoutputs.regex API parameter passes a user-supplied regular expression string directly to the grammar compiler backends with no compilation timeout; in the xgrammar backend the stri...

8.7CVSS5.9AI score0.00324EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/07/06 1:23 p.m.8 views

CVE-2026-50557

A flaw was found in Angular's @angular/compiler and @angular/core packages. Namespaced script elements were not properly identified by the template preparser, and security context schema mappings did not consistently handle attributes within namespaced elements. An attacker who can inject templat...

6.1CVSS5.7AI score0.00206EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/07/06 7:18 a.m.6 views

CVE-2026-14651

A flaw was found in grass, a Sass compiler. This vulnerability allows a local attacker to cause a Denial of Service DoS by manipulating specific functions within the compiler, such as grasscompiler::selector::extend or grasscompiler::evaluate::visitor. This can lead to the compiler becoming...

4.8CVSS5.8AI score0.00115EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.12 views

PT-2026-56000

Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.24.0 Description The structured outputs.regex API parameter allows user-supplied regular expression strings to be passed to grammar compiler backends without a compilation timeout. In the xgrammar backend, the string i...

8.7CVSS6AI score0.00324EPSS
Exploits0References12
NVD
NVD
added 2026/07/04 9:17 p.m.9 views

CVE-2026-14651

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grasscompiler::selector::extend/grasscompiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carried out locally. The exploit has been disclosed to the publi...

4.8CVSS0.00115EPSS
Exploits0References6
OSV
OSV
added 2026/07/04 9:17 p.m.3 views

DEBIAN-CVE-2026-14651

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grasscompiler::selector::extend/grasscompiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carried out locally. The exploit has been disclosed to the publi...

4.8CVSS5.4AI score0.00115EPSS
Exploits0References1
NVD
NVD
added 2026/07/04 8:16 p.m.12 views

CVE-2026-14650

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS0.00116EPSS
Exploits0References6
OSV
OSV
added 2026/07/04 8:16 p.m.5 views

DEBIAN-CVE-2026-14650

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS5.7AI score0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/04 8:15 p.m.28 views

CVE-2026-14651 connorskees grass visitor denial of service

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grasscompiler::selector::extend/grasscompiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carried out locally. The exploit has been disclosed to the publi...

4.8CVSS0.00115EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/04 8:15 p.m.8 views

EUVD-2026-41695

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grasscompiler::selector::extend/grasscompiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carried out locally. The exploit has been disclosed to the publi...

4.8CVSS5.1AI score0.00115EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/04 8:0 p.m.9 views

CVE-2026-14650

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS5.5AI score0.00116EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/07/04 8:0 p.m.17 views

CVE-2026-14650

Technical details about CVE-2026-14650 are not publicly available in the provided documents. Monitor for updates.

4.8CVSS5.5AI score0.00116EPSS
Exploits0References6
Rows per page
Query Builder