Lucene search
K

387 matches found

UbuntuCve
UbuntuCve
added 2026/05/07 3:16 p.m.9 views

CVE-2026-41650

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...

6.1CVSS5.8AI score0.00238EPSS
Exploits1References3
OSV
OSV
added 2026/04/29 4:42 p.m.8 views

CLSA-2026-1777466211 Fix CVE(s): CVE-2025-7545

SECURITY UPDATE: heap-based buffer overflow in copysection function - debian/patches/CVE-2025-7545.patch: Prevent output section size from being extended beyond the input section size to avoid heap-based buffer overflow when copying sections with interleaving - CVE-2025-7545...

7.8CVSS6.6AI score0.00254EPSS
Exploits0References1
OSV
OSV
added 2026/04/29 4:25 p.m.11 views

CLSA-2026-1777479919 bind: Fix of CVE-2025-40778

CVE-2025-40778: reject forged records in answer sections to prevent cache poisoning via crafted responses - build tests improved...

8.6CVSS5.8AI score0.00509EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:3 a.m.9 views

media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections

...

5.5CVSS5.8AI score0.00125EPSS
Exploits0
NVD
NVD
added 2026/04/24 3:16 p.m.6 views

CVE-2026-31599

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtvchannelpmtmatchsections syzbot reported a general protection fault in vidtvpsidescassign 1. vidtvpsipmtstreaminit can return NULL on memory allocation failure, but...

5.5CVSS0.00125EPSS
Exploits0References9
OSV
OSV
added 2026/04/24 3:16 p.m.7 views

DEBIAN-CVE-2026-31599

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtvchannelpmtmatchsections syzbot reported a general protection fault in vidtvpsidescassign 1. vidtvpsipmtstreaminit can return NULL on memory allocation failure, but...

5.5CVSS5.2AI score0.00125EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/24 2:42 p.m.5 views

EUVD-2026-25492

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtvchannelpmtmatchsections syzbot reported a general protection fault in vidtvpsidescassign 1. vidtvpsipmtstreaminit can return NULL on memory allocation failure, but...

5.4AI score0.00125EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.34 views

CVE-2026-31599 media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtvchannelpmtmatchsections syzbot reported a general protection fault in vidtvpsidescassign 1. vidtvpsipmtstreaminit can return NULL on memory allocation failure, but...

0.00125EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/04/24 2:42 p.m.7 views

CVE-2026-31599

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtvchannelpmtmatchsections syzbot reported a general protection fault in vidtvpsidescassign 1. vidtvpsipmtstreaminit can return NULL on memory allocation failure, but...

5.5CVSS5.2AI score0.00125EPSS
Exploits0
OSV
OSV
added 2026/04/23 9:3 a.m.11 views

CLSA-2026-1776935009 bind: Fix of CVE-2025-40778

CVE-2025-40778: reject forged records in answer sections to prevent cache poisoning via crafted responses - build tests improved...

8.6CVSS6AI score0.00509EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/04/09 5:16 p.m.5 views

CVE-2026-39856

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from mm mseal failing to correctly update the end address during the merging of VMA sections,...

5.5CVSS6AI score0.00218EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.4 views

CVE-2026-3994

A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...

5.3CVSS5.9AI score0.00127EPSS
Exploits0References1
NVD
NVD
added 2026/03/24 6:16 p.m.5 views

CVE-2026-33162

Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...

7.1CVSS0.00288EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/24 5:32 p.m.3 views

CVE-2026-33162 Craft CMS: Authorization bypass in "entries/move-to-section" allows control panel user to move entries without section permissions

Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...

7.1CVSS5.8AI score0.00288EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/12 8:34 a.m.7 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the initializesections function of the Object File Handler. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted object files to the application during local...

5.3CVSS6.4AI score0.00127EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/12 6:31 a.m.5 views

EUVD-2026-11537

A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...

5.3CVSS5.9AI score0.00127EPSS
Exploits0References7
OSV
OSV
added 2026/03/12 6:16 a.m.7 views

UBUNTU-CVE-2026-3994

A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...

5.3CVSS5.9AI score0.00127EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/12 6:2 a.m.0 views

CVE-2026-3994 rui314 mold Object File input-files.cc initialize_sections heap-based overflow

A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...

5.3CVSS5.9AI score0.00127EPSS
Exploits0References6
CVE
CVE
added 2026/03/12 6:2 a.m.23 views

CVE-2026-3994

This CVE affects rui314 mold up to 2.40.4, specifically mold::ObjectFilemold::X86_64::initialize_sections in src/input-files.cc. Local manipulation can trigger a heap-based buffer overflow. An exploit is public and information indicates non-responsiveness from the project after disclosure. No rem...

5.3CVSS5.9AI score0.00127EPSS
Exploits0References6
Rows per page
Query Builder