Lucene search
K

370 matches found

RedhatCVE
RedhatCVE
added 2026/05/19 1:56 p.m.11 views

CVE-2026-46719

Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

6.5CVSS5.8AI score0.00306EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/19 1:56 p.m.10 views

CVE-2026-8788

Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the setadd method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a similar issue...

7.3CVSS5.8AI score0.00226EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.8 views

Fedora 43 : perl-Net-CIDR-Lite (2026-9e783d6aa1)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9e783d6aa1 advisory. This update addresses some input validation issues: Reject Unicode digits and trailing newlines in parser inputs CVE-2026-45190 Reject zero-padded...

6.5CVSS5.9AI score0.00311EPSS
Exploits0References3
NVD
NVD
added 2026/05/18 8:16 a.m.29 views

CVE-2026-8788

Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the setadd method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a similar issue...

7.3CVSS0.00226EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/18 6:34 a.m.8 views

CVE-2026-8788 Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections

Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the setadd method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a similar issue...

5.8AI score0.00226EPSS
Exploits0References2
CVE
CVE
added 2026/05/18 6:34 a.m.25 views

CVE-2026-8788

CVE-2026-8788 affects Net::Statsd::Lite up to version 0.10.0 on Perl. The issue arises because values passed to the set_add method are not validated for newlines, colons, or pipes, allowing untrusted sources to inject additional metrics. Multiple connected sources confirm the same description acr...

7.3CVSS5.8AI score0.00226EPSS
Exploits0References2
NVD
NVD
added 2026/05/17 6:16 p.m.15 views

CVE-2026-46720

Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

8.2CVSS0.00344EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/17 5:51 p.m.57 views

CVE-2026-46720 Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections

Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

0.00344EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/17 5:51 p.m.19 views

EUVD-2026-30706

Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

5.8AI score0.00344EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/17 5:51 p.m.9 views

CVE-2026-46720

Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

8.2CVSS5.8AI score0.00344EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.16 views

PT-2026-41581

Name of the Vulnerable Software and Affected Versions Net::Statsd::Tiny versions prior to 0.3.8 Description Net::Statsd::Tiny for Perl allows metric injections because metric names and set values are not validated for newlines, colons, or pipes. This allows metrics generated from untrusted source...

8.2CVSS5.8AI score0.00344EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/05/16 1:37 p.m.7 views

CVE-2026-46719

Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

5.8AI score0.00306EPSS
Exploits0References3
CVE
CVE
added 2026/05/16 1:37 p.m.26 views

CVE-2026-46719

Net::Statsd::Lite (Perl) is affected by CVE-2026-46719 for versions prior to 0.9.0, where metric names are not validated for newlines, colons, or pipes. This allows metrics from untrusted sources to inject additional statsd metrics. Public sources in the included documents confirm the impact on m...

6.5CVSS5.8AI score0.00306EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.15 views

PT-2026-41426

Name of the Vulnerable Software and Affected Versions Net::Statsd::Lite versions prior to 0.9.0 Description Net::Statsd::Lite for Perl allows metric injections because metric names are not validated for newlines, colons, or pipes. This enables metrics generated from untrusted sources to inject...

6.5CVSS5.8AI score0.00306EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.8 views

Fedora 44 : perl-Net-CIDR-Lite (2026-6f3d2d0d82)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6f3d2d0d82 advisory. This update addresses some input validation issues: Reject Unicode digits and trailing newlines in parser inputs CVE-2026-45190 Reject zero-padded...

6.5CVSS5.9AI score0.00311EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/08 11:19 p.m.8 views

Command Injection

Overview GitPython is a python library used to interact with Git repositories Affected versions of this package are vulnerable to Command Injection via the setvalue function when the section parameter is not properly validated for newline characters. An attacker can execute arbitrary code by...

8.8CVSS6.3AI score0.00719EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/07 12:0 a.m.12 views

CVE-2026-44244

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.setvalue passes values to Python's configparser without validating for newlines. GitPython's own write converts embedded newlines into indented continuation lines e.g. \n becomes \n\t, b...

7.8CVSS5.8AI score0.00237EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.8 views

PT-2026-37313

Name of the Vulnerable Software and Affected Versions sse-channel versions prior to 4.0.1 Description Implementations that allow user-provided values to be passed to the event, retry, or id fields are susceptible to event spoofing. This allows an attacker to inject arbitrary Server-Sent Events SS...

8.7CVSS5.9AI score0.00478EPSS
Exploits0References7
Amazon
Amazon
added 2026/04/13 12:0 a.m.8 views

Important: python3.9

Issue Overview: When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized. CVE-2025-11468 User-controlled...

7CVSS5.8AI score0.00621EPSS
Exploits0
OSV
OSV
added 2026/04/03 1:41 p.m.14 views

CLSA-2026-1775223681 python: Fix of CVE-2025-15367

CVE-2025-15367: reject control characters in POP3 commands to prevent command injection via newlines...

5.9CVSS7.1AI score0.00315EPSS
Exploits0References1
Rows per page
Query Builder