Lucene search
K

3819 matches found

EUVD
EUVD
added 2026/06/30 8:5 a.m.6 views

EUVD-2026-40267

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 8:5 a.m.23 views

CVE-2026-45822

CVE-2026-45822 – decode-uri-component : The connected records specify that the npm package decode-uri-component (versions up to 0.4.1) is vulnerable. The vulnerability lies in the decode() function, which splits input on '%' and then calls decodeComponents(), producing super-linear parsing time. ...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/29 4:24 p.m.7 views

CVE-2026-13752

Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker could exploit this by supplying crafted values to vulnerable command paths, causing Snowflake CLI to execute unintended SQL in the context of the user’s Snowflake session...

6CVSS5.9AI score0.00188EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/26 9:16 p.m.9 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

7.5CVSS0.00446EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 6:29 p.m.7 views

CVE-2026-56132

A flaw was found in libexpat, a library used for parsing XML data. An attacker could exploit a heap-based buffer overflow, a type of memory error, by providing specially crafted XML input. This vulnerability occurs when the library mishandles memory reallocation while processing XML, particularly...

6.9CVSS6.2AI score0.00107EPSS
Exploits0References4
CVE
CVE
added 2026/06/26 10:54 a.m.19 views

CVE-2026-57918

CVE-2026-57918 affects libnfs up to version 6.0.2 prior to the patch referenced by commit IDs f0b109d (NVD entry) / 935b8db (CVE record). The vulnerability is an xid integer underflow in READ_IOVEC within rpc_read_from_socket when a crafted NFS server causes the expected PDU size to exceed the ab...

7.1CVSS5.8AI score0.00195EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.24 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

0.00446EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.32 views

PT-2026-52968

Name of the Vulnerable Software and Affected Versions relibc affected versions not specified Description A Denial of Service DoS issue exists in the parse month function located in /time/strptime.rs. An attacker can cause the system to crash by providing a specially crafted input. This issue is...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References6
CVE
CVE
added 2026/06/26 12:0 a.m.20 views

CVE-2026-38639

CVE-2026-38639 affects relibc. The issue is in the parse_month function (path /time/strptime.rs) within commit ab6a2e and allows an attacker to trigger a Denial of Service by parsing a crafted input. The available sources confirm the vulnerability location and impact but do not provide exploitati...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:37 p.m.5 views

CVE-2026-49851

A flaw was found in Mistune, a Python Markdown parser. A remote attacker can exploit this vulnerability by providing a specially crafted Markdown input containing many consecutive bracket characters. This can lead to excessive CPU usage, causing a denial-of-service DoS condition on the affected...

8.7CVSS5.8AI score0.0035EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 12:3 p.m.2 views

RLSA-2023:5048 Important: flac security update

FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files...

7.8CVSS7.2AI score0.00749EPSS
Exploits1References2
CVE
CVE
added 2026/06/25 5:24 a.m.14 views

CVE-2026-12244

NSD (the DNS server) is affected when configured as a secondary for a zone. A primary can crash NSD by sending an AXFR containing a DNS message with a specially crafted SVCB RR whose rdata size is 65512, which causes an (uint16_t) length to overflow while allocating space for the RR wrap (total s...

8.8CVSS5.9AI score0.00303EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/25 4:48 a.m.5 views

EUVD-2026-39180

shell-quote prior to 1.8.5 finalizes parsed tokens in parse using Array.prototype.concat as a reduce accumulator, which reallocates and copies the entire growing array on every iteration. As a result parse runs in On^2 time relative to the number of input tokens. An attacker who can supply an...

8.7CVSS6.3AI score0.0036EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 12:33 a.m.6 views

EUVD-2025-210335

A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...

7.5CVSS6.1AI score0.00579EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/06/25 12:0 a.m.21 views

CVE-2026-38637

An issue in the pthreadrwlockattrsetpshared function of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via a crafted input...

0.00446EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 12:0 a.m.10 views

CVE-2026-38637

CVE-2026-38637 affects the relibc project, specifically the pthread_rwlockattr_setpshared() function in commit 61f42d. The vulnerability allows attackers to trigger a Denial of Service via crafted input, with a network attack vector and no privileges required (attack complexity low; UI none; scop...

7.5CVSS5.9AI score0.00446EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52580

Name of the Vulnerable Software and Affected Versions relibc affected versions not specified Description A reachable unwrap in the assert fail function located in /assert/mod.rs allows attackers to cause a Denial of Service DoS by providing a crafted string. An unwrap is a operation that attempts...

5.8AI score0.00446EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52579

Name of the Vulnerable Software and Affected Versions relibc version 61f42d Description A flaw in the pthread rwlockattr setpshared function allows attackers to trigger a Denial of Service DoS by providing crafted input. Recommendations As a temporary workaround, consider restricting the use of t...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References6
NVD
NVD
added 2026/06/24 11:16 p.m.11 views

CVE-2025-60474

A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...

7.5CVSS0.00579EPSS
Exploits1References6
OSV
OSV
added 2026/06/24 11:16 p.m.2 views

DEBIAN-CVE-2025-60474

A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...

7.5CVSS6AI score0.00579EPSS
Exploits1References1
Rows per page
Query Builder