Lucene search
K

11178 matches found

CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

PageIndex 安全漏洞

PageIndex is an open-source inference-based retrieval-enhanced generation tool developed by Vectify AI. There are security vulnerabilities in PageIndex f50e52975313c6716c02b20a119577a1929decba and previous versions of it. These vulnerabilities stem from the toctransformer function in the PDF Tabl...

6.9CVSS6AI score0.00372EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2023-34188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker ca...

7.5CVSS7.1AI score0.01005EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: pdfbox (UTSA-2026-017622)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017622 advisory. In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted or fuzzed file can trigger an infinite loop which leads to an out of memory exception in...

6.5CVSS6.7AI score0.04834EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.17 views

PT-2026-39732

A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toc transformer of the file pageindex/page index.py of the component PDF Table of Contents Handler. The manipulation results in infinite loop...

6.9CVSS5.7AI score0.00372EPSS
Exploits0References6
OSV
OSV
added 2026/05/10 6:16 a.m.5 views

UBUNTU-CVE-2026-7263

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/05/10 4:43 a.m.13 views

CVE-2026-7263

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

7.5CVSS5.8AI score0.00353EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/10 4:43 a.m.7 views

CVE-2026-7263 DoS attack via DOMNode::C14N()

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

6.3CVSS5.8AI score0.00353EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/10 4:43 a.m.9 views

EUVD-2026-28981

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

6.3CVSS5.8AI score0.00353EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/10 4:43 a.m.55 views

CVE-2026-7263 DoS attack via DOMNode::C14N()

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, DOMNode::C14N method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial ...

6.3CVSS0.00353EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.8 views

openSUSE 16 Security Update : mozjs128 (openSUSE-SU-2026:20674-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20674-1 advisory. - CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value...

5.5CVSS5.8AI score0.00216EPSS
Exploits1References9
OSV
OSV
added 2026/05/09 12:30 p.m.13 views

OESA-2026-2200 mutt security update

Mutt is a small but very powerful text-based mail client for Unix operating systems. Security Fixes: mutt before version 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest, which may lead to buffer handling issues.CVE-2026-43859 Mutt email client before version 2.3.2...

3.7CVSS5.9AI score0.00201EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/09 8:59 a.m.16 views

Security Bulletin: Multiple Vulnerabilities in watsonx.data

Summary Multiple vulnerabilities were addressed in watsonx.data 2.3.1 patch 2 version, which were present in different version from watson.data 2.2 to watsonx.dat 2.3 Vulnerability Details CVEID:CVE-2025-13466 DESCRIPTION: body-parser 2.2.0 is vulnerable to denial of service due to inefficient...

7.5CVSS6.3AI score0.01262EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/05/09 4:16 a.m.48 views

CVE-2026-41311

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in % layout % / % block % causes an infinite recursive loop, consuming all available memory 4GB and crashing the Node.js process with FATAL ERROR: JavaScript he...

7.5CVSS0.00382EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/05/09 4:10 a.m.16 views

CVE-2026-42310 Pillow: PDF Parsing Trailer Infinite Loop (DoS)

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

5.1CVSS5.7AI score0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/09 4:10 a.m.62 views

CVE-2026-42310 Pillow: PDF Parsing Trailer Infinite Loop (DoS)

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

5.1CVSS0.00126EPSS
Exploits0References4
CVE
CVE
added 2026/05/09 4:10 a.m.50 views

CVE-2026-42310

CVE-2026-42310 affects the Pillow Python imaging library. The vulnerability lies in the PdfParser logic: Pdf trailers’ Prev pointers can reference already-processed offsets, creating a cycle that causes an infinite loop and 100% CPU usage, potentially hanging the process. Affected versions are Pi...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2026-016784)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016784 advisory. A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially...

7.5CVSS5.8AI score0.00693EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.10 views

liquidjs 安全漏洞

liquidjs is a simple, expressive, secure and Shopify-compatible pure JavaScript template engine by Jun Yang, a personal developer. A security vulnerability exists in liquidjs versions prior to 10.25.7, which stems from a circular block reference that leads to an infinite recursive loop, consuming...

7.5CVSS5.8AI score0.00382EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/08 6:52 p.m.12 views

CVE-2026-41511 OpenMcdf has an Infinite loop DoS via crafted CFB directory cycle

OpenMcdf is a fully .NET / C library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to version 3.1.3, OpenMcdf does not detect cycles in the directory entry red-black tree of a Compound File Binary CFB document. A crafted CFB file with a cycle in the...

6.2CVSS5.7AI score0.00187EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/08 6:52 p.m.36 views

CVE-2026-41511 OpenMcdf has an Infinite loop DoS via crafted CFB directory cycle

OpenMcdf is a fully .NET / C library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to version 3.1.3, OpenMcdf does not detect cycles in the directory entry red-black tree of a Compound File Binary CFB document. A crafted CFB file with a cycle in the...

6.2CVSS0.00187EPSS
Exploits1References3
Rows per page
Query Builder