39 matches found

NVD
added 3 days ago · 7 views

CVE-2026-54888

Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, ex_document_to_comrak_ast and comrak_ast_to_ex_document, in the NI...

6.9 CVSS · 0.00168 EPSS
Exploits 0 · References 4
Vulnrichment
added 3 days ago · 5 views

CVE-2026-54888 Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex

Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, ex_document_to_comrak_ast and comrak_ast_to_ex_document, in the NI...

6.9 CVSS · 5.9 AI score · 0.00168 EPSS
Exploits 0 · References 4
CVE
added 3 days ago · 8 views

CVE-2026-54888

The CVE-2026-54888 issue is a denial-of-service in mdex/mdex_native caused by uncontrolled recursion when converting Markdown to an AST across a NIF boundary. The root cause is missing maximum nesting depth in two mutual Rust functions (ex_document_to_comrak_ast and comrak_ast_to_ex_document), al...

6.9 CVSS · 5.9 AI score · 0.00168 EPSS
Exploits 0 · References 4
Tenable Nessus
added 2026/06/17 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-8484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow vulnerability exists in the Jansi JNI ioctl wrapper due to a lack of size verification for the argument array before the system call. Thi...

4.8 CVSS · 6.2 AI score · 0.0014 EPSS
Exploits 0 · References 3
NVD
added 2026/06/16 12:16 p.m. · 14 views

CVE-2026-8484

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable. This project is unmaintained at...

4.8 CVSS · 0.0014 EPSS
Exploits 0 · References 2
OSV
added 2026/06/16 12:16 p.m. · 6 views

UBUNTU-CVE-2026-8484

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable. This project is unmaintained at...

4.8 CVSS · 6.1 AI score · 0.0014 EPSS
Exploits 0 · References 2
EUVD
added 2026/06/16 10:32 a.m. · 8 views

EUVD-2026-37064

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable. This project is unmaintained at...

4.8 CVSS · 5.6 AI score · 0.0014 EPSS
Exploits 0 · References 2
Cvelist
added 2026/06/16 10:32 a.m. · 28 views

CVE-2026-8484 Heap buffer overflow in Jansi

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable. This project is unmaintained at...

4.8 CVSS · 0.0014 EPSS
Exploits 0 · References 2
OSV
added 2026/06/11 1:28 p.m. · 4 views

GHSA-32HF-8JW3-V4QQ netty-incubator-codec-ohttp's Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access

The netty-incubator-codec-ohttp library implements Oblivious HTTP (RFC 9458) using BoringSSL's HPKE C library via JNI. When deriving native memory addresses for cryptographic operations, provides a fallback path for direct ByteBufs that do not expose their memory address through hasMemoryAddress...

8.8 CVSS · 5.8 AI score · 0.00174 EPSS
Exploits 0 · References 4
CNNVD
added 2026/06/04 12:0 a.m. · 6 views

netty-incubator-codec-ohttp Buffer Error Vulnerability

netty-incubator-codec-ohttp is an application developed by the Netty community. Versions prior to 0.0.22.Final of netty-incubator-codec-ohttp contain a buffer error vulnerability. This vulnerability arises due to the use of a backtrack path when performing encryption operations via JNI on specifi...

9.1 CVSS · 5.8 AI score · 0.00174 EPSS
Exploits 0 · References 1
Vulnrichment
added 2026/01/27 8:49 a.m. · 4 views

CVE-2026-24813 A null pointer dereference in abcz316/SKRoot-linuxKernelRoot

NULL Pointer Dereference vulnerability in abcz316 SKRoot-linuxKernelRoot testRoot/jni/utils modules. This vulnerability is associated with program files cJSON.Cpp. This issue affects SKRoot-linuxKernelRoot...

8.7 CVSS · 5.9 AI score · 0.00276 EPSS
Exploits 0 · References 1
OSV
added 2025/12/05 6:54 p.m. · 5 views

GHSA-CMP6-M4WJ-Q63Q yawkat LZ4 Java has a possible information leak in Java safe decompressor

Summary Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is reused without being cleared, this may lea...

8.2 CVSS · 6.1 AI score · 0.00541 EPSS
Exploits 0 · References 4
EUVD
added 2025/10/07 12:30 a.m. · 7 views

EUVD-2016-0857

Malware in sbrugna...

8.4 CVSS · 8.2 AI score · 0.0118 EPSS
Exploits 1 · References 5
Tenable Nessus
added 2025/08/27 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-6873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to...

8.1 CVSS · 6.4 AI score · 0.00721 EPSS
Exploits 0 · References 2
OSV
added 2024/08/01 4:15 p.m. · 2 views

UBUNTU-CVE-2024-6873

It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time o...

8.1 CVSS · 6.3 AI score · 0.00721 EPSS
Exploits 0 · References 3
Positive Technologies
added 2024/08/01 12:0 a.m. · 5 views

PT-2024-37919 · Unknown +1 · Clickhouse

Name of the Vulnerable Software and Affected Versions: ClickHouse versions prior to the latest supported version Description: It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the...

8.1 CVSS · 8 AI score · 0.00721 EPSS
Exploits 0 · References 14
ClickHouse
added 2024/08/01 12:0 a.m. · 15 views

CVE-2024-6873

It is possible to redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time of...

8.1 CVSS · 6 AI score · 0.00721 EPSS
Exploits 0
OpenVAS
added 2024/03/08 12:0 a.m. · 29 views

Fedora: Security Advisory for nekohtml (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS · 9.2 AI score · 0.02557 EPSS
Exploits 3 · References 2
Fedora
added 2024/03/07 10:33 p.m. · 17 views

[SECURITY] Fedora 40 Update: nekohtml-1.9.22-26.fc40

NekoHTML is a simple HTML scanner and tag balancer that enables application programmers to parse HTML documents and access the information using standard XML interfaces. The parser can scan HTML files and "fix up" many common mistakes that human and computer authors make in writing HTML documents...

8.8 CVSS · 6.4 AI score · 0.02557 EPSS
Exploits 3
Fedora
added 2024/03/07 10:33 p.m. · 34 views

[SECURITY] Fedora 40 Update: jni-inchi-0.8-11.fc40

JNI-InChI enables Java software to generate IUPAC's International Chemical Identifiers (InChIs) by making Java Native Interface (JNI) calls to the InChI C library developed by IUPAC. All of the features from the InChI library are supported: - Standard and Non-Standard InChI generation from structures...

8.8 CVSS · 6.8 AI score · 0.02557 EPSS
Exploits 3