Lucene search
K

5857 matches found

RedHat Linux
RedHat Linux
added 6 days ago3 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS6.2AI score0.00485EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-59892

OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes incoming uber-trace-id and uberctx- HTTP header values with decodeURIComponent without handling decode errors, allowing an unauthenticated remote attacker to send a malformed...

7.5CVSS6AI score0.00436EPSS
Exploits0References4Affected Software1
NVD
NVD
added 6 days ago8 views

CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

9.8CVSS0.00394EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago39 views

CVE-2026-14454 Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

0.00394EPSS
Exploits0References2
CVE
CVE
added 6 days ago14 views

CVE-2026-14454

Imager for Perl prior to 1.033 mishandles unsigned EXIF IFD entry counts by treating them as signed, potentially causing an attempt to allocate a block near the address space and terminating a worker process. This can be triggered by crafting an image with crafted EXIF data. The published fix is ...

9.8CVSS6AI score0.00394EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 6 days ago6 views

CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

9.8CVSS6AI score0.00394EPSS
Exploits0
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42226

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

6AI score0.00394EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-56397

Name of the Vulnerable Software and Affected Versions Imager versions prior to 1.033 Description Imager for Perl incorrectly treats unsigned EXIF IFD Image File Directory entry counts as signed. When processing large entry count values, the software interprets them as negative numbers, which can...

9.8CVSS6.1AI score0.00394EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added last week4 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS6AI score0.00485EPSS
Exploits0References5
OSV
OSV
added last week4 views

PYSEC-2026-1563 LlamaIndex Improper Handling of Exceptional Conditions vulnerability

A vulnerability in the LangChainLLM class of the run-llama/llamaindex repository, version v0.12.5, allows for a Denial of Service DoS attack. The streamcomplete method executes the llm using a thread and retrieves the result via the getresponsegen method of the StreamingGeneratorCallbackHandler...

7.5CVSS7.2AI score0.00761EPSS
Exploits1References6
EUVD
EUVD
added 2026/07/06 7:55 p.m.6 views

EUVD-2026-25017

kill: 'kill -1' parsed as PID -1, sending SIGTERM to all processes system crash / DoS...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-56051

Name of the Vulnerable Software and Affected Versions Cilium versions 1.19.0 through 1.19.1 Cilium versions 1.18.0 through 1.18.7 Cilium versions prior to 1.17.14 Description When L7 functionality is enabled, the Envoy instance creates a world-accessible socket on cluster nodes. A local attacker...

9.2CVSS5.9AI score0.00017EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 3:16 p.m.8 views

CVE-2026-12386

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from =4.1.5 before 4.2.1...

3.9CVSS0.00096EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/05 2:31 p.m.10 views

EUVD-2026-41764

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from =4.1.5 before 4.2.1...

3.9CVSS5.9AI score0.00096EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/05 2:31 p.m.32 views

CVE-2026-12386 Buffer Overflow in TUBITAK BILGEM's Pardus Pen

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from =4.1.5 before 4.2.1...

3.9CVSS0.00096EPSS
Exploits0References1
CVE
CVE
added 2026/07/05 2:31 p.m.16 views

CVE-2026-12386

CVE-2026-12386 describes an improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen, causing an overflow in buffers. Affected: Pardus Pen versions ≤ 4.1.5, before 4.2.1. The provided documents do not specify the exact vulnerable component, cod...

3.9CVSS5.9AI score0.00096EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.14 views

PT-2026-55802

Name of the Vulnerable Software and Affected Versions Pardus Pen versions 4.1.5 through 4.2.0 Description An improper null termination issue in Pardus Pen allows for buffer overflows. This occurs when a string is not properly terminated with a null character, potentially allowing data to overwrit...

3.9CVSS6.1AI score0.00096EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/07/03 3:5 a.m.5 views

SUSE CVE-2026-53112

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irqpreparebcntasklet The irqpreparebcntasklet is initialized in rtlpciinit and scheduled when RTLIMRBCNINT interrupt is triggered by hardware. But it is never...

5.8AI score0.00164EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/07/01 4:27 p.m.9 views

CVE-2026-20213

A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...

7.5CVSS7.3AI score0.00463EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/07/01 3:33 a.m.7 views

CVE-2026-44041 UltraVNC vncWc2Mb calls wcslen() before validating that the wide string is NUL-terminated

UltraVNC through 1.8.2.2 contains an out-of-bounds read in the wide-string to multibyte conversion helper. In rfb/dh.cpp:204, the vncWc2Mb function passes a caller-supplied WCHAR pointer to wcslen before any bounds check. If the caller provides a wide-character buffer that is not properly...

4.3CVSS5.9AI score0.00316EPSS
Exploits0References3
Rows per page
Query Builder