Lucene search
K

4977 matches found

NCSC
NCSC
added 3 hours ago9 views

Vulnerabilities found in Juniper Networks’ Junos OS and Junos OS Evolved

Juniper has identified several vulnerabilities in Junos OS and Junos OS Evolved, specifically related to devices in the MX Series, PTX Series, QFX Series, EX Series, SRX Series, and QFX10000 Series. These vulnerabilities affect various components of Junos OS and Junos OS Evolved, including the...

9.8CVSS7.1AI score0.02497EPSS
Exploits0References22
CVE
CVE
added 2 days ago8 views

CVE-2026-61857

ImageMagick prior to 7.1.2-26 contains a heap use-after-free vulnerability caused by a missing null check when parsing XMP profiles. Attackers can craft specially crafted XMP data in image files to trigger the issue, potentially causing application crashes. The CVE record and CVE list entries con...

6.3CVSS6.1AI score0.00226EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 3 days ago9 views

CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS6.1AI score0.00126EPSS
Exploits0References6
Mageia
Mageia
added 5 days ago4 views

Updated openvpn packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Possible 1-byte buffer overrun on NTLMv2 proxy responses. CVE-2026-11771 Memory-leak in tls-crypt-v2 client key handling that could lead to out-of-memory situations and subsequent server crashes. CVE-2026-12932 Use-after-free bug in ackwritebuf,...

7.5CVSS7.3AI score0.00549EPSS
Exploits0References4
NVD
NVD
added 5 days ago12 views

CVE-2026-57258

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS0.00112EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-13128

Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application...

7.8CVSS0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-13126 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

The embedded JavaScript in the PDF deleted the pages, making the object invalid. The application attempted to perform a write operation on the invalid pop-up annotations, resulting in the program crashing...

7.8CVSS0.00116EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42190

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS6AI score0.00112EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-57258

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS6AI score0.00112EPSS
Exploits0References2Affected Software2
Snyk
Snyk
added 2026/07/03 8:14 p.m.7 views

Double Free

Overview Affected versions of this package are vulnerable to Double Free in the ExportToBlob function of the PLY Model Handler component. An attacker can cause memory corruption or application crashes by triggering a double free condition remotely. Remediation There is no fixed version for assimp...

6.5CVSS6.7AI score0.00233EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.11 views

PT-2026-54825

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-51 ImageMagick versions prior to 7.1.2-26 Description An integer overflow in the XCF decoder can lead to an out-of-bounds read when processing a specially crafted image, which may cause the application to...

6.5CVSS6.1AI score0.0022EPSS
Exploits0References22
NVD
NVD
added 2026/06/29 8:17 p.m.7 views

CVE-2026-43727

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

6.5CVSS0.00196EPSS
Exploits0References3
CVE
CVE
added 2026/06/29 7:42 p.m.20 views

CVE-2026-43745

CVE-2026-43745 describes an out-of-bounds write issue addressed by improved input validation. The vulnerability affects Safari and related Apple platforms, with fixes in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. The issue could lead to an unexpected Safari crash when proce...

6.5CVSS5.8AI score0.00297EPSS
Exploits0References3Affected Software4
RedhatCVE
RedhatCVE
added 2026/06/29 2:41 p.m.9 views

CVE-2026-58058

A flaw was found in Nmap. A remote attacker or a scanned target can send a specially crafted IPv6 response with a truncated extension header. This can lead to an integer underflow, causing out-of-bounds reads and a denial of service DoS due to a crash during raw IPv6 scans. Mitigation Mitigation...

6.9CVSS5.7AI score0.00278EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/29 2:41 p.m.11 views

CVE-2026-58050

A flaw in libssh2 allows a malicious SSH server to trigger a memory overflow by sending a manipulated attribute count. This can cause the connecting client to crash or allow unauthorized code execution. Mitigation To mitigate this issue,ensure your applications are running strictly on 64-bit...

8.3CVSS5.9AI score0.00333EPSS
Exploits0References6
OSV
OSV
added 2026/06/29 8:14 a.m.4 views

OPENSUSE-SU-2026:21166-1 Security update for nano

This update for nano fixes the following issues: Changes in nano: - Update to version 9.1: When searching, the viewport is placed snug left where possible. The ability to read and write files in old Mac format a lone carriage return as line ending was removed. The ^T toggle between WhereIs and...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53730

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description An out-of-bounds write issue exists where processing maliciously crafted web content may lead to an...

6.5CVSS6AI score0.00297EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.13 views

PT-2026-53679

Name of the Vulnerable Software and Affected Versions p11-kit affected versions not specified Description A flaw exists in the RPC message attribute parsing process. The functions p11 rpc message get attribute and p11 rpc message get attribute array value create a mutually-recursive call chain th...

6.2CVSS6.1AI score0.00137EPSS
Exploits0References15
NVD
NVD
added 2026/06/26 8:17 p.m.5 views

CVE-2026-53307

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconfgenericparsedtpinmux assumes that the 'pinmux' property is not empty when present. This might be not true. With that, the allocator will give a special value i...

5.5CVSS0.00112EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/26 6:3 p.m.37 views

CVE-2026-48090 Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash risk)

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter envoy.filters.http.oauth2 can leave an in-flight async token exchange attached to a downstream stream that has already been torn down. A late...

5.9CVSS0.00579EPSS
Exploits1References1
Rows per page
Query Builder