Lucene search
K

11 matches found

NVD
NVD
added 4 days ago8 views

CVE-2026-15184

A vulnerability was found in GNU LibreDWG up to 0.13.4. The impacted element is the function dwgnextentity of the file src/dwg.c of the component DWG File Handler. Performing a manipulation of the argument nextobj results in null pointer dereference. The attack must be initiated from a local...

4.8CVSS0.00118EPSS
Exploits0References9
EUVD
EUVD
added 4 days ago10 views

EUVD-2026-42580

A vulnerability has been found in GNU LibreDWG up to 0.13.4. The affected element is the function dwgbmp of the file src/dwg.c of the component BMP Image Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the...

5.3CVSS5.9AI score0.00133EPSS
Exploits0References10
Fedora
Fedora
added 2026/05/25 12:51 a.m.18 views

[SECURITY] Fedora 44 Update: aw-server-rust-0.14.0^20260516.gitdf49b3d-1.fc44

A re-implementation of aw-server in Rust...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

GNU LibreDWG 安全漏洞

GNU LibreDWG is a C language library for working with DWG files from the US GNU community. A security vulnerability exists in GNU LibreDWG version 0.14 and earlier versions, which stems from a heap buffer overflow in the decompressR2004section function of the src/decode.c file in the Dwgread...

5.3CVSS6.2AI score0.00154EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.7 views

Fedora 42 : pyp2spec (2026-91671b8061)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-91671b8061 advisory. Automatic update for pyp2spec-0.14.1-1.fc42. Changelog for pyp2spec Tue Apr 21 2026 Packit - 0.14.1-1 - Update to 0.14.1 upstream release - Resolves:...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.5 views

PT-2026-29970

Name of the Vulnerable Software and Affected Versions Shynet versions prior to 0.14.0 Description Shynet versions before 0.14.0 are susceptible to Host header injection within the password reset process. Recommendations Update Shynet to version 0.14.0 or later...

6.5CVSS5.2AI score0.00103EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/03/05 6:49 a.m.4 views

SUSE CVE-2026-29022

drlibs drwav.h version 0.14.4 and earlier fixed in commit 8a7258c contain a heap buffer overflow vulnerability in the drwavreadsmpltometadataobj function of drwav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 a...

7.8CVSS6.1AI score0.00207EPSS
Exploits1References3
OSV
OSV
added 2026/01/14 4:52 p.m.4 views

CVE-2026-22787 html2pdf.js has a cross-site scripting vulnerability

html2pdf.js converts any webpage or element into a printable PDF entirely client-side. Prior to 0.14.0, html2pdf.js contains a cross-site scripting XSS vulnerability when given a text source rather than an element. This text is not sufficiently sanitized before being attached to the DOM, allowing...

8.7CVSS5.7AI score0.00324EPSS
Exploits1References8
Cvelist
Cvelist
added 2025/09/11 6:3 p.m.11 views

CVE-2025-59047 matrix-sdk-base has panic in the `RoomMember::normalized_power_level()` method

matrix-sdk-base is the base component to build a Matrix client library. In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min. The issue is fixed in matrix-sdk-base 0.14.1. The affected method isn’t...

6.9CVSS0.00374EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.4 views

NLnet Routinator 安全漏洞

NLnet Routinator is an RPKI Resource Public Key Infrastructure validator from the NLnet team written in the Rust language. A security vulnerability exists in NLnet Routinator version 0.14.0 and earlier, which stems from code that initially parses a manifest without checking the contents of the...

7.5CVSS6.6AI score0.00458EPSS
Exploits0References2
PyPA
PyPA
added 2024/10/28 2:15 p.m.12 views

PYSEC-2024-299

Reachable Assertion in BPv7 parser in µD3TN v0.14.0 allows attacker to disrupt service via malformed Extension Block...

7.5CVSS5.8AI score0.00426EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder