Lucene search
+L

805 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-45213

Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...

5.3CVSS5.3AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-60806

Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...

5.3CVSS5.3AI score
Exploits0References4
NVD
NVD
added 2 days ago4 views

CVE-2026-46377

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the escape sequence handler in Tokenizer.parseCurRune in selector/lexer/tokenize.go increments past a trailing backslash in a quoted string such as "\ or '\ and then reads...

6.2CVSS0.00129EPSS
Exploits0References3
CVE
CVE
added 2 days ago17 views

CVE-2026-46377

CVE-2026-46377 (Dasel) : A bug in the escape sequence handling of the selector lexer causes an index-out-of-range panic when a trailing backslash is inside a quoted string. The issue resides in parseCurRune where a backslash path increments pos and then reads p.src[pos] without a bounds check. Af...

6.2CVSS6.1AI score0.00129EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 6:26 a.m.4 views

OESA-2026-2819 gnome-tour security update

A guided tour and greeter for GNOME.Tour uses by default the logo of the distribution based on the info from /etc/os-release. The application comes with a feature to replace the logo with a welcome video shipped by the distribution. Security Fixes: slab is a pre-allocated storage for a uniform da...

5.1CVSS5.9AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:34 p.m.6 views

GO-2026-5491 Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string in github.com/tomwright/dasel

Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string in github.com/tomwright/dasel...

6.2CVSS5.8AI score0.00129EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 6:14 p.m.9 views

EUVD-2026-39532

CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn function in analyzer/pgn.c that allows remote attackers to crash the application. Attackers can deliver a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or...

7.3CVSS6.2AI score0.00215EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:6 p.m.8 views

CVE-2026-56770

libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...

8.7CVSS5.9AI score0.00339EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Fixed out-of-range access to bc-domains. Out-of-range access to bc-domains was corrected in the imx8mblkctrlremove function...

7.1CVSS5.7AI score0.00117EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: tpm2-sessions: Fixed an out-of-range indexing issue in namesize. namesize does not have any range checks; it simply indexes using TPMALGID, which could lead to memory corruption in extreme cases. The issue is addressed by only...

6.4AI score0.00166EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.11 views

Astra Linux – Vulnerability in Chromium

In WebAudio, operations of reading and writing data outside of the allowed range in Google Chrome before version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00281EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 2:16 p.m.18 views

CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS0.00254EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 2:16 p.m.3 views

CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS5.9AI score
Exploits0References2
CVE
CVE
added 2026/06/19 1:32 p.m.24 views

CVE-2026-48140

NI grpc-device contains an unchecked enum cast vulnerability in BeginSidebandStream affecting version 2.17.0 and earlier. The issue allows triggering invalid enum states and undefined behavior, potentially leading to a denial of service. Exploitation requires sending a specially crafted message w...

7.1CVSS5.8AI score0.00254EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/19 1:32 p.m.6 views

CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS5.8AI score0.00254EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.70 views

PT-2026-50891

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An unchecked enum cast issue exists in the BeginSidebandStream function. An attacker can trigger invalid enum states and undefined behavior by supplying a specially crafted message containing...

7.1CVSS5.9AI score0.00254EPSS
Exploits0References6
NVD
NVD
added 2026/06/10 12:16 a.m.16 views

CVE-2026-41727

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retrytopic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the...

6.5CVSS0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/08 8:59 p.m.14 views

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS5.4AI score0.00384EPSS
Exploits0References1
OSV
OSV
added 2026/06/08 5:16 p.m.9 views

UBUNTU-CVE-2026-46303

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

8.2CVSS5.5AI score0.00278EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/08 3:46 p.m.13 views

EUVD-2026-35168

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

5.6AI score0.00278EPSS
Exploits0References8
Rows per page
Query Builder