Lucene search
K

119 matches found

CVE
CVE
added 6 days ago9 views

CVE-2026-59875

CVE-2026-59875 affects the Node.js tar library node-tar prior to 7.5.17. The root cause is that NUL bytes are not stripped from PAX path and linkpath records in src/pax.ts, which can allow a crafted archive to reach fs.lstat or fs.open and terminate the process with an uncaught exception. The iss...

5.3CVSS5.9AI score0.00291EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/02 5:17 p.m.10 views

CVE-2026-47778

A flaw was found in Envoy, an open-source edge and service proxy. A remote attacker could exploit a structural flaw in the DefaultCertValidator::verifySubjectAltName function by presenting a specially crafted certificate. This certificate would contain a NUL byte within its DNS Subject Alternativ...

4.4CVSS5.6AI score0.00212EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/26 5:27 p.m.38 views

CVE-2026-47778 Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (Auth Bypass)

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .cstr before bei...

4.4CVSS0.00212EPSS
Exploits1References1
OSV
OSV
added 2026/06/12 3:8 p.m.10 views

GHSA-4PX2-PW77-VC85 SwiftNIO HTTP/2: HTTP/2-to-HTTP/1 Request Smuggling via unvalidated :path pseudo-header in HTTP2ToHTTP1Codec

swift-nio-http2's HTTP/2-to-HTTP/1.1 codec HTTP2FramePayloadToHTTP1ServerCodec / HTTP2ToHTTP1ServerCodec did not validate pseudo-header values for control characters before placing them into the translated HTTP/1.1 message. A remote attacker could send an HTTP/2 request containing CR \r, LF \n, o...

5.5AI score0.00192EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 5:7 a.m.12 views

MGASA-2026-0188 Updated jq packages fix security vulnerabilities

An integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. CVE-2024-23337 It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this issue to cause a denial of...

8.7CVSS6AI score0.00559EPSS
Exploits7References10
Mageia
Mageia
added 2026/06/10 5:7 a.m.27 views

Updated jq packages fix security vulnerabilities

An integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. CVE-2024-23337 It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this issue to cause a denial of...

8.7CVSS6.9AI score0.00559EPSS
Exploits7References9
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

TencentOS Server 4: php (TSSA-2026:0342)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0342 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

9.8CVSS5.7AI score0.00298EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.10 views

CVE-2025-14179

A flaw was found in PHP. The PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at the NUL byte, dropping the closing quote and causing subsequent SQL tokens...

9.8CVSS5.5AI score0.00298EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.12 views

CVE-2026-23863

An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened. We have not seen evidence of...

6.5CVSS5.5AI score0.00528EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 1:5 p.m.15 views

CVE-2026-6104

A flaw was found in PHP. When an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstring functions, an out-of-bounds read of only 1 byte can occur due to the incorrect processing of string lengths. This issue can cause a denial of service or limited...

9.1CVSS5.7AI score0.00469EPSS
Exploits0References4
OSV
OSV
added 2026/05/20 10:27 a.m.7 views

CLSA-2026-1779272835 gnutls: Fix of CVE-2026-42010

CVE-2026-42010: fix RSA-PSK identity truncation allowing authentication bypass via NUL byte in client-supplied username...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References1
OSV
OSV
added 2026/05/17 8:17 p.m.9 views

SUSE-SU-2026:21804-1 Security update for go1.26

This update for go1.26 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: "go tool pack" does...

7.5CVSS6AI score0.00813EPSS
Exploits0References25
OSV
OSV
added 2026/05/16 12:20 p.m.10 views

CLSA-2026-1778934026 Fix CVE(s): CVE-2026-42010

SECURITY UPDATE: Authentication bypass via NUL-byte truncation in RSA-PSK username lookup - debian/patches/CVE-2026-42010.patch: replace strleninfo-username with info-usernamelen in gnutlsprocrsapskclientkx in lib/auth/rsapsk.c to prevent NUL-byte truncation allowing username matching with...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/16 12:0 a.m.21 views

SUSE SLED15 / SLES15 Security Update : go1.25 (SUSE-SU-2026:1862-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1862-1 advisory. This update for go1.25 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling...

7.5CVSS5.9AI score0.00813EPSS
Exploits0References36
OSV
OSV
added 2026/05/15 2:3 p.m.15 views

OESA-2026-2343 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References9
SUSE Linux
SUSE Linux
added 2026/05/14 10:34 p.m.8 views

Security update for go1.25

This update for go1.25 fixes the following issues Security issues: CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. CVE-2026-39817: cmd/go: "go tool pack" does not...

7.5CVSS5.9AI score0.00813EPSS
Exploits0References48
RedhatCVE
RedhatCVE
added 2026/05/14 6:31 p.m.11 views

CVE-2026-41256

A flaw was found in jq, a command line JSON processor. Top-level jq programs loaded from a file using the -f flag are truncated at the first embedded NUL byte. This issue allows an attacker who can supply a crafted filter file to prematurely truncate the program, potentially bypassing filtering...

5.5CVSS5.7AI score0.00158EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.16 views

PT-2026-40293

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb convert encoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

9.1CVSS5.9AI score0.00469EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40303

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb convert encoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

9.1CVSS5.9AI score0.00469EPSS
Exploits0References3
NVD
NVD
added 2026/05/11 6:16 p.m.9 views

CVE-2026-41256

jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by \x00 and arbitrary suffix compiles and executes as only the prefix before...

5.5CVSS0.00158EPSS
Exploits1References1
Rows per page
Query Builder