Lucene search
K

2521 matches found

UbuntuCve
UbuntuCve
added 2026/05/14 9:16 p.m.12 views

CVE-2026-42327

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References2
OSV
OSV
added 2026/05/14 9:16 p.m.6 views

UBUNTU-CVE-2026-42327

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/14 8:17 p.m.11 views

EUVD-2026-30474

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 8:17 p.m.32 views

CVE-2026-42327

The CVE-2026-42327 vulnerability affects rust-openssl bindings for OpenSSL, where X509Ref::ocsp_responders returns OCSP responder URLs from the AIA extension. In versions 0.9.7 through before 0.10.79, the code constructs &str from IA5String bytes using an unchecked UTF-8 assumption, allowing non-...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 8:17 p.m.10 views

CVE-2026-42327 rust-openssl: undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 8:17 p.m.29 views

CVE-2026-42327 rust-openssl: undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS0.00211EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/14 8:17 p.m.8 views

CVE-2026-42327

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS5.9AI score0.00211EPSS
Exploits0
OSV
OSV
added 2026/05/14 7:15 p.m.11 views

CLSA-2026-1778769697 kernel: Fix of 31 CVEs

net: skbuff: propagate shared-frag marker through pskbcopy - HID: ignore non-functional sensor in HP 5MP Camera CVE-2025-21992 - net: fix crash when config small gsomaxsize/gsoipv4maxsize CVE-2024-50258 - ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow CVE-2024-53042 - ALSA:...

7.8CVSS6.5AI score0.00272EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.9 views

rust-openssl 输入验证错误漏洞

rust-openssl is an open-source library in Rust that allows for interaction with the OpenSSL library. In versions 0.9.7 to 0.10.79 of rust-openssl, there was a vulnerability related to input validation errors. This vulnerability stemmed from X509Ref::ocspresponders returning the OCSP responder URL...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40301

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017584)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017584 advisory. In the CropImage and CropImageToTiles routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavi...

4.3CVSS6.7AI score0.01072EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017608 advisory. A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form...

4.3CVSS6AI score0.01124EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017577)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017577 advisory. A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior i...

4.3CVSS6.7AI score0.01124EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017563)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017563 advisory. A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior...

4.3CVSS6.7AI score0.00966EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017592)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017592 advisory. A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form...

4.3CVSS6.7AI score0.01124EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017620)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017620 advisory. A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined...

4.3CVSS6.7AI score0.01114EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017602)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017602 advisory. A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in...

4.3CVSS6.7AI score0.01124EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017569)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017569 advisory. A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick...

5.5CVSS6.6AI score0.00982EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.7 views

openSUSE 16 Security Update : log4cxx (openSUSE-SU-2026:20705-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20705-1 advisory. Changes in log4cxx: - update to 1.7.0 bsc1261994, CVE-2026-40023: Non-ascii characters incorrectly encoded in JSON output 615 XML output could contain...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References3
NVD
NVD
added 2026/05/08 10:16 p.m.61 views

CVE-2026-42199

Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expandrows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke getunchecked...

6.2CVSS0.00132EPSS
Exploits0References3
Rows per page
Query Builder