Lucene search
K

2923 matches found

Snyk
Snyk
added 2026/03/23 6:16 p.m.4 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the NGAP message handling process. An attacker can cause the application to panic and potentially crash by sending specially crafted messages with invalid PDU Session IDs. Remediation Upgrade...

7.5CVSS6.4AI score0.00393EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/23 6:16 p.m.4 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the NGAP message handling process. An attacker can cause the application to panic and potentially crash by sending specially crafted messages with invalid PDU Session IDs. Remediation Upgrade...

7.5CVSS6.4AI score0.00393EPSS
Exploits0References3
OSV
OSV
added 2026/03/23 3:30 p.m.8 views

GHSA-R3HF-Q3MF-7H6W HybridAuth Has Improper SSL Certificate Validation in Curl HTTP Client

A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation. The attack can be launched remotely. This...

6.3CVSS5.5AI score0.00181EPSS
Exploits0References6
OSV
OSV
added 2026/03/23 9:41 a.m.8 views

CLSA-2026-1774258892 postgresql: Fix of CVE-2026-2003

CVE-2026-2003: fix improper validation of oidvector and prevent disclosure of a few bytes of server memory...

4.3CVSS5.8AI score0.00281EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/20 4:38 a.m.4 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the RechargePut function in the nchf-convergedcharging service. An attacker can cause a server-side panic and disrupt recharge functionality by sending a crafted authenticated PUT request with an...

7.1CVSS5.8AI score0.00404EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:48 p.m.3 views

Improper Validation of Specified Quantity in Input

Overview nicegui is a Create web-based user interfaces with Python. The nice way. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the chunksize parameter in app.addmediafile and app.addmediafiles media routes. An attacker can cause excessi...

7.5CVSS5.8AI score0.00599EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:31 p.m.2 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in protocol parser components. An attacker can cause the application to crash or exhaust resources by sending specially crafted, malformed network packets to a monitored network interface. Note: This i...

5.9CVSS5.8AI score0.00239EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:31 p.m.5 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in protocol parser components. An attacker can cause the application to crash or exhaust resources by sending specially crafted, malformed network packets to a monitored network interface. Note: This i...

5.9CVSS5.8AI score0.00239EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.9 views

PT-2026-26325

Improper Validation of Specified Quantity in Input CWE-1284 in the Timelion visualization plugin in Kibana can lead Denial of Service via Excessive Allocation CAPEC-130. The vulnerability allows an authenticated user to send a specially crafted Timelion expression that overwrites internal series...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/18 8:19 p.m.7 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the DecryptBytes function. An attacker can cause the process or goroutine to crash by sending a crafted AES-CBC encrypted assertion with a plaintext of all zero bytes, which triggers a panic due to...

8.7CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/03/18 6:58 p.m.4 views

CVE-2026-31966 HTSlib CRAM reader has out-of-bounds read due to improper validation of input

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. As one method of removing redundant data, CRAM uses reference-based compression so that instead of storing the full sequence for each alignment record it...

6.9CVSS6.2AI score0.00518EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/18 1:36 a.m.4 views

CVE-2026-32981

A path traversal flaw has been identified in Ray Dashboard in the Ray Pypi package. Due to improper validation and sanitization of user-supplied paths in the static file handling mechanism, an attacker can use traversal sequences e.g., ../ to access files outside the intended static directory,...

8.7CVSS5.6AI score0.00929EPSS
Exploits1References6
NVD
NVD
added 2026/03/17 6:16 a.m.4 views

CVE-2026-4258

All versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validation in sjcl.ecc.basicKey.publicKey. An attacker can recover a victim's ECDH private key by sending crafted off-curve public keys and observing ECDH outputs. The...

8.7CVSS0.00246EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/16 10:48 p.m.4 views

Improper Validation of Specified Type of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input in the calls plugin when handling websocket messages containing malformed msgpack frames. An attacker can cause the server to consume excessive memory and crash by sending specially crafted...

8.6CVSS5.8AI score0.00274EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/16 3:30 p.m.5 views

EUVD-2025-208731

HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of upload sizes may allow excessive resource consumption, which could potentially lead to service degradation or denial-of-service conditions under certain scenarios...

1.8CVSS5.8AI score0.00144EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2025-208741

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

2.2CVSS6AI score0.00147EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/16 3:30 p.m.8 views

Improper Validation of Specified Type of Input

Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input due to improper validation of User-Agent header tokens. An attacker can trigger a panic in the...

5.3CVSS5.8AI score0.00285EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/16 3:30 p.m.6 views

EUVD-2025-208720

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

4.5CVSS6AI score0.00225EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/16 2:42 p.m.3 views

CVE-2025-52646 HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries.

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

2.2CVSS6AI score0.00147EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/16 2:42 p.m.6 views

CVE-2025-52646

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

2.2CVSS6AI score0.00147EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder