137 matches found
VPN Browser+ 安全漏洞
VPN Browser+ is a mobile browser application developed by VPN Browser Company, featuring integrated virtual private network capabilities. Version 1.1.0.0 of VPN Browser+ contains a security vulnerability. This vulnerability stems from the search function’s improper handling of extremely large...
Improper Validation of Specified Quantity in Input
Overview nicegui is a Create web-based user interfaces with Python. The nice way. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the chunksize parameter in app.addmediafile and app.addmediafiles media routes. An attacker can cause excessi...
Django vulnerable to Uncontrolled Resource Consumption
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. URLField.topython in Django calls urllib.parse.urlsplit, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial o...
CVE-2026-25673
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. URLField.topython in Django calls urllib.parse.urlsplit, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial o...
CVE-2026-27576 OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs
OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE...
CVE-2026-27576
OpenClaw: ACP prompt-size check vulnerability affecting local stdio bridge. Affected in 2026.2.17 and earlier; oversized prompt blocks can be assembled and forwarded to chat.send, impacting local ACP clients (e.g., IDE integrations). Mitigation: upgrade to 2026.2.19 (patched release).
CVE-2026-27576 OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs
OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE...
Frigate security vulnerabilities
Frigate is a complete native NVR designed by Blake Blackshear for home assistants with AI object detection capabilities. Version 2.02 of Frigate contains a security vulnerability, which stems from the command-line interface accepting excessively large inputs, potentially causing the application t...
CVE-2026-1484
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
CVE-2026-1484 Glib: integer overflow leading to buffer underflow and out-of-bounds write in glib g_base64_encode()
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
Glib buffer error vulnerability
GLib is a general-purpose, portable utility library for the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, and abstraction for main loops. GLib has a buffer error vulnerability, which stems from the Base64 encoding routine’s improper...
rexml: REXML denial of service
A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...
rexml: REXML denial of service
A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...
rexml: REXML denial of service
A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...
TencentOS Server 3: yajl (TSSA-2022:0235)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0235 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Denial Of Service (DoS)
Django is vulnerable to a Denial Of Service DoS. The vulnerability is due to slow NFKC Unicode normalization on Windows in redirect-related functions, which allows an attacker to supply inputs with a very large number of Unicode characters to exhaust server resources and cause a denial of service...
EUVD-2025-31331
Malicious code in bioql PyPI...
EUVD-2022-1773
Malicious code in bioql PyPI...
CVE-2025-10868
An issue has been discovered in GitLab CE/EE affecting all versions from 17.4 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 where certain string conversion methods exhibit performance degradation with large inputs...
CVE-2025-10868
An issue has been discovered in GitLab CE/EE affecting all versions from 17.4 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 where certain string conversion methods exhibit performance degradation with large inputs...