Lucene search
K

2533 matches found

RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-59937

A flaw was found in pypdf, a pure-python PDF library. A remote attacker could exploit this vulnerability by crafting a malicious PDF file containing repeated malformed cross-reference streams. This could cause the pypdf library to spend excessive time recovering broken cross-reference table...

7.5CVSS6AI score0.00345EPSS
Exploits0References7
EUVD
EUVD
added 6 days ago12 views

EUVD-2026-33939

mint: Unbounded streams map growth via PUSHPROMISE without follow-up HEADERS...

8.2CVSS5.9AI score0.00384EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago5 views

org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames

A flaw was found in Apache Log4j Core. This vulnerability allows for log injection through the use of Carriage Return Line Feed CRLF sequences. This occurs because security-related configuration attributes were silently renamed, impacting users who directly configure Rfc5424Layout with stream-bas...

7.5CVSS6.4AI score0.00831EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 6 days ago5 views

gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS6AI score0.0031EPSS
Exploits0References5
CVE
CVE
added last week8 views

CVE-2026-59936

Technical details about CVE-2026-59936 are not publicly available in the provided documents. Monitor for updates from official advisories to learn affected versions, impact, and fixes.

8.7CVSS6AI score0.00345EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added last week35 views

CVE-2026-59937 pypdf: Possible long runtimes for repeated malformed cross-reference entries

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering broken cross-reference table entries. This issue is fixed in version 6.14.0...

6.9CVSS0.00345EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-59937

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering broken cross-reference table entries. This issue is fixed in version 6.14.0...

6.9CVSS6AI score0.00345EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.16 views

PT-2026-56527

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.14.0 Description An attacker can craft a PDF containing repeated malformed cross-reference streams. This causes the library to spend excessive runtimes attempting to recover broken cross-reference table entries, leadi...

7.5CVSS6.1AI score0.00345EPSS
Exploits0References11
NVD
NVD
added 2026/07/06 9:16 p.m.10 views

CVE-2026-55727

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 8:17 p.m.7 views

EUVD-2026-24979

comm: FIFO/pipe inputs are drained before comparison data loss / hang...

4.4CVSS5.9AI score0.00135EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/06 8:0 p.m.34 views

CVE-2026-55727

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 8:0 p.m.5 views

EUVD-2026-41923

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS5.9AI score0.00291EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:0 p.m.7 views

CVE-2026-55727

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS5.9AI score0.00291EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 8:0 p.m.15 views

CVE-2026-55727

CVE-2026-55727 affects Genetec Security Center 5.14.0.0 (before build 5.14.178.18). A flaw in the authentication mechanism for video stream requests may allow an unauthenticated attacker to access live video streams. The CVSSv3.1 base score is 7.5 (HIGH) with network attack vector and no user int...

7.5CVSS5.9AI score0.00291EPSS
Exploits0References1
Fedora
Fedora
added 2026/07/05 1:10 a.m.10 views

[SECURITY] Fedora 44 Update: python-streamlink-8.4.0-1.fc44

Streamlink is a command-line utility that pipes video streams from various services into a video player, such as VLC. The main purpose of Streamlink is to allow the user to avoid buggy and CPU heavy flash plugins but still be able to enjoy various streamed content. There is also an API available...

6.5CVSS5.9AI score0.00345EPSS
Exploits1
Fedora
Fedora
added 2026/07/05 12:52 a.m.9 views

[SECURITY] Fedora 43 Update: python-streamlink-8.4.0-1.fc43

Streamlink is a command-line utility that pipes video streams from various services into a video player, such as VLC. The main purpose of Streamlink is to allow the user to avoid buggy and CPU heavy flash plugins but still be able to enjoy various streamed content. There is also an API available...

6.5CVSS5.9AI score0.00345EPSS
Exploits1
EUVD
EUVD
added 2026/07/03 6:11 a.m.7 views

EUVD-2026-41497

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE, subsequently invokes curleasyreset, and finally terminates the handle with curleasycleanup. During this final cleanup phase, libcurl...

6AI score0.00891EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.7 views

Important: Red Hat Security Advisory: Streams for Apache Kafka 2.9.4 release and security update

Streams for Apache Kafka 2.9.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.5AI score0.38811EPSS
Exploits19References35
NVD
NVD
added 2026/07/01 5:16 p.m.9 views

CVE-2026-58453

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...

9.8CVSS0.0169EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 3:33 p.m.6 views

EUVD-2026-41049

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...

9.8CVSS5.8AI score0.0169EPSS
Exploits0References3
Rows per page
Query Builder