Lucene search
K

137 matches found

CNNVD
CNNVD
added 2026/04/04 12:0 a.m.10 views

VPN Browser+ 安全漏洞

VPN Browser+ is a mobile browser application developed by VPN Browser Company, featuring integrated virtual private network capabilities. Version 1.1.0.0 of VPN Browser+ contains a security vulnerability. This vulnerability stems from the search function’s improper handling of extremely large...

8.7CVSS5.8AI score0.00359EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/19 6:48 p.m.3 views

Improper Validation of Specified Quantity in Input

Overview nicegui is a Create web-based user interfaces with Python. The nice way. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the chunksize parameter in app.addmediafile and app.addmediafiles media routes. An attacker can cause excessi...

7.5CVSS5.8AI score0.00599EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/03 3:31 p.m.8 views

Django vulnerable to Uncontrolled Resource Consumption

An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. URLField.topython in Django calls urllib.parse.urlsplit, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial o...

7.5CVSS6AI score0.00734EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/03 2:28 p.m.5 views

CVE-2026-25673

An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. URLField.topython in Django calls urllib.parse.urlsplit, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial o...

7.5CVSS6AI score0.00734EPSS
Exploits0
Cvelist
Cvelist
added 2026/02/21 10:0 a.m.32 views

CVE-2026-27576 OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs

OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE...

4.8CVSS0.00165EPSS
Exploits0References5
CVE
CVE
added 2026/02/21 10:0 a.m.24 views

CVE-2026-27576

OpenClaw: ACP prompt-size check vulnerability affecting local stdio bridge. Affected in 2026.2.17 and earlier; oversized prompt blocks can be assembled and forwarded to chat.send, impacting local ACP clients (e.g., IDE integrations). Mitigation: upgrade to 2026.2.19 (patched release).

4.8CVSS5.5AI score0.00165EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/21 10:0 a.m.4 views

CVE-2026-27576 OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs

OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE...

4.8CVSS5.3AI score0.00165EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.9 views

Frigate security vulnerabilities

Frigate is a complete native NVR designed by Blake Blackshear for home assistants with AI object detection capabilities. Version 2.02 of Frigate contains a security vulnerability, which stems from the command-line interface accepting excessively large inputs, potentially causing the application t...

7.5CVSS5.8AI score0.00361EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/27 1:41 p.m.4 views

CVE-2026-1484

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...

4.2CVSS6AI score0.00304EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/27 1:41 p.m.5 views

CVE-2026-1484 Glib: integer overflow leading to buffer underflow and out-of-bounds write in glib g_base64_encode()

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...

4.2CVSS6AI score0.00304EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.13 views

Glib buffer error vulnerability

GLib is a general-purpose, portable utility library for the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, and abstraction for main loops. GLib has a buffer error vulnerability, which stems from the Base64 encoding routine’s improper...

4.2CVSS6AI score0.00304EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/12/22 4:49 p.m.3 views

rexml: REXML denial of service

A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...

5.3CVSS5.7AI score0.00231EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/12/11 6:53 p.m.6 views

rexml: REXML denial of service

A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...

5.3CVSS5.7AI score0.00231EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/12/10 6:31 p.m.3 views

rexml: REXML denial of service

A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...

5.3CVSS5.7AI score0.00231EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.6 views

TencentOS Server 3: yajl (TSSA-2022:0235)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0235 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS7.8AI score0.03472EPSS
Exploits1References2
Veracode
Veracode
added 2025/11/18 6:14 a.m.9 views

Denial Of Service (DoS)

Django is vulnerable to a Denial Of Service DoS. The vulnerability is due to slow NFKC Unicode normalization on Windows in redirect-related functions, which allows an attacker to supply inputs with a very large number of Unicode characters to exhaust server resources and cause a denial of service...

7.5CVSS6.8AI score0.0193EPSS
Exploits1References9Affected Software2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-31331

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00238EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1773

Malicious code in bioql PyPI...

7.5CVSS6.8AI score0.03472EPSS
Exploits1References15
RedhatCVE
RedhatCVE
added 2025/09/27 9:42 a.m.8 views

CVE-2025-10868

An issue has been discovered in GitLab CE/EE affecting all versions from 17.4 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 where certain string conversion methods exhibit performance degradation with large inputs...

5.3CVSS6.9AI score0.00238EPSS
Exploits0References1
NVD
NVD
added 2025/09/26 10:15 a.m.6 views

CVE-2025-10868

An issue has been discovered in GitLab CE/EE affecting all versions from 17.4 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 where certain string conversion methods exhibit performance degradation with large inputs...

5.3CVSS0.00238EPSS
Exploits0References1
Rows per page
Query Builder