Lucene search
K

38584 matches found

CVE
CVE
added 2026/04/09 6:32 p.m.19 views

CVE-2026-34942

Wasmtime VM exposes a DoS risk due to a panic-triggering path when transcoding strings into utf16/latin1+utf16. Root cause: alignment verification for reallocated strings was improper, allowing unaligned pointers to be passed to the host by a malicious guest. Affected versions prior to fixed rele...

6.5CVSS5.9AI score0.00354EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/09 6:32 p.m.20 views

CVE-2026-34942 Wasmtime panics when transcoding misaligned utf-16 strings

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...

5.9CVSS0.00354EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/09 6:29 p.m.2 views

CVE-2026-34941 Wasmtime has a Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/09 6:29 p.m.17 views

CVE-2026-34941 Wasmtime has a Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

6.9CVSS0.00376EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/09 4:30 p.m.23 views

CVE-2026-5962 Tenda CH22 httpd R7WebsSecurityHandlerfunction path traversal

A vulnerability was detected in Tenda CH22 1.0.0.6468. This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used...

7.5CVSS0.00537EPSS
Exploits1References5
GithubExploit
GithubExploit
added 2026/04/09 3:4 p.m.88 views

cybersentinel-agent

CyberSentinel Agent Defensive cybersecurity agent framework w...

6.1AI score
Exploits0
OSV
OSV
added 2026/04/09 1:20 p.m.3 views

SUSE-SU-2026:21080-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

7.8CVSS5.8AI score0.00344EPSS
Exploits6References17
Rockylinux
Rockylinux
added 2026/04/09 12:7 p.m.8 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

10CVSS7.2AI score0.00773EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/04/09 12:7 p.m.2 views

firefox security update

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

10CVSS7.2AI score0.00773EPSS
Exploits0
OSV
OSV
added 2026/04/09 12:7 p.m.3 views

RLSA-2026:5931 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR...

7.5CVSS7.3AI score0.00773EPSS
Exploits0References38
OSV
OSV
added 2026/04/09 12:0 p.m.3 views

RUSTSEC-2026-0091 Out-of-bounds write or crash when transcoding component model strings

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-394w-hwhg-8vgm For more information see the GitHub-hosted security advisory...

6.1CVSS5.8AI score0.00216EPSS
Exploits0References3
OSV
OSV
added 2026/04/09 12:0 p.m.3 views

RUSTSEC-2026-0093 Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hx6p-xpx3-jvvv For more information see the GitHub-hosted security advisory...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References3
RustSec
RustSec
added 2026/04/09 12:0 p.m.28 views

Panic when lifting `flags` component value

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m758-wjhj-p3jq For more information see the GitHub-hosted security advisory...

7.5CVSS5.9AI score0.00324EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2026/04/09 12:0 p.m.123 views

Out-of-bounds write or crash when transcoding component model strings

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-394w-hwhg-8vgm For more information see the GitHub-hosted security advisory...

6.1CVSS5.9AI score0.00216EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2026/04/09 12:0 p.m.8 views

Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hx6p-xpx3-jvvv For more information see the GitHub-hosted security advisory...

8.1CVSS5.9AI score0.00376EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/04/09 12:0 p.m.2 views

RUSTSEC-2026-0085 Panic when lifting `flags` component value

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m758-wjhj-p3jq For more information see the GitHub-hosted security advisory...

5.6CVSS5.8AI score0.00324EPSS
Exploits0References3
OSV
OSV
added 2026/04/09 10:11 a.m.6 views

RHSA-2026:7010 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

7.1CVSS5.7AI score0.00308EPSS
Exploits0References10
ICS
ICS
added 2026/04/09 6:0 a.m.6 views

Contemporary Controls BASC 20T

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to enumerate the functionality of each component associated with the PLC, reconfigure, rename, delete, perform file transfers, and make remote procedure calls. 2. RECOMMENDED PRACTICES CISA recommends users...

9.8CVSS6AI score0.00443EPSS
Exploits0References13
EUVD
EUVD
added 2026/04/09 12:31 a.m.1 views

EUVD-2026-20663

Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.00303EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/09 12:31 a.m.5 views

EUVD-2026-20785

A vulnerability was detected in openstatusHQ openstatus up to 1b678e71a85961ae319cbb214a8eae634059330c. This impacts an unknown function of the file apps/dashboard/src/app/dashboard/onboarding/client.tsx of the component Onboarding Endpoint. The manipulation of the argument callbackURL results in...

5.3CVSS4.4AI score0.00282EPSS
Exploits0References8
Rows per page
Query Builder