Lucene search
K

1923 matches found

ATTACKERKB
ATTACKERKB
added last week4 views

CVE-2026-58015

A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...

5.9CVSS5.9AI score0.00418EPSS
Exploits1References4
EUVD
EUVD
added last week6 views

EUVD-2026-40318

A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...

5.9CVSS5.9AI score0.00418EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added last week8 views

CVE-2026-58016 Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"

A flaw was found in GLib. A state confusion issue exists in gdbusnodeinfonewforxml in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a element nested within other elements like , , or . This issue can cause an unsigned integer overflow and...

7.5CVSS5.8AI score0.00373EPSS
Exploits1References3
Cvelist
Cvelist
added last week35 views

CVE-2026-58015 Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive

A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...

5.9CVSS0.00418EPSS
Exploits1References3
Cvelist
Cvelist
added last week33 views

CVE-2026-58016 Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"

A flaw was found in GLib. A state confusion issue exists in gdbusnodeinfonewforxml in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a element nested within other elements like , , or . This issue can cause an unsigned integer overflow and...

7.5CVSS0.00373EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added last week4 views

CVE-2026-58016

A flaw was found in GLib. A state confusion issue exists in gdbusnodeinfonewforxml in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a element nested within other elements like , , or . This issue can cause an unsigned integer overflow and...

7.5CVSS5.8AI score0.00373EPSS
Exploits1References4
EUVD
EUVD
added last week6 views

EUVD-2026-40319

A flaw was found in GLib. A state confusion issue exists in gdbusnodeinfonewforxml in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a element nested within other elements like , , or . This issue can cause an unsigned integer overflow and...

7.5CVSS5.8AI score0.00373EPSS
Exploits1References3
CVE
CVE
added last week17 views

CVE-2026-58016

The CVE-2026-58016 entry concerns GLib, specifically a flaw in g_dbus_node_info_new_for_xml() in gio/gdbusintrospection.c. The issue arises when parsing malformed D-Bus introspection XML (notably a element nested inside ///), causing an unsigned integer overflow and an out-of-bounds read, which ...

9.1CVSS5.8AI score0.00373EPSS
Exploits1References3Affected Software2
CVE
CVE
added last week14 views

CVE-2026-58015

CVE-2026-58015 affects GLib’s D-Bus client-side implementation of the DBUS_COOKIE_SHA1 SASL mechanism. The cookie_context parameter received from the server is not validated, allowing a malicious D-Bus server to supply a cookie_context with path traversal sequences. This can enable reading an arb...

7.5CVSS5.9AI score0.00418EPSS
Exploits1References3Affected Software2
Debian CVE
Debian CVE
added last week4 views

CVE-2026-58016

A flaw was found in GLib. A state confusion issue exists in gdbusnodeinfonewforxml in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a element nested within other elements like , , or . This issue can cause an unsigned integer overflow and...

9.1CVSS5.8AI score0.00373EPSS
Exploits1
Debian CVE
Debian CVE
added last week5 views

CVE-2026-58015

A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...

7.5CVSS5.9AI score0.00418EPSS
Exploits1
AlpineLinux
AlpineLinux
added last week4 views

CVE-2026-58015

A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...

7.5CVSS5.9AI score0.00418EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added last week4 views

CVE-2026-58016

A flaw was found in GLib. A state confusion issue exists in gdbusnodeinfonewforxml in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a element nested within other elements like , , or . This issue can cause an unsigned integer overflow and...

9.1CVSS5.8AI score0.00373EPSS
Exploits1References3
CVE
CVE
added last week11 views

CVE-2026-58014

GLib contains an off-by-one flaw in g_key_file_get_locale_string_list (gkeyfile.c) that triggers when loading a key file with an empty value. The issue allows an out-of-bounds access of one byte and can cause denial of service if the access crosses a page boundary. Affected component is GLib’s ke...

8.6CVSS5.8AI score0.00293EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added last week34 views

CVE-2026-58014 Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

7.3CVSS0.00293EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added last week4 views

CVE-2026-58014

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

7.3CVSS5.8AI score0.00293EPSS
Exploits1References4
EUVD
EUVD
added last week7 views

EUVD-2026-40316

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

7.3CVSS5.8AI score0.00293EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added last week4 views

CVE-2026-58014

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

8.6CVSS5.7AI score0.00293EPSS
Exploits1References3
Debian CVE
Debian CVE
added last week4 views

CVE-2026-58014

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

8.6CVSS5.8AI score0.00293EPSS
Exploits1
Cvelist
Cvelist
added last week34 views

CVE-2026-58013 Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"

A flaw was found in GLib. A buffer over-read can occur in giochannelreadlinebackend in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes ...

6.5CVSS0.00329EPSS
Exploits1References3
Rows per page
Query Builder