18669 matches found
libxslt: use-after-free with key data stored cross-RVT
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...
CVE-2026-44018
Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.45.0 until 2.91.0, the METS-GBS backend's XML parsing and the input document format detection lacked security controls. An attacker could craft malicious METS-GBS...
libxslt: use-after-free with key data stored cross-RVT
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...
libxslt: use-after-free with key data stored cross-RVT
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...
libxslt: use-after-free with key data stored cross-RVT
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...
libxslt: use-after-free with key data stored cross-RVT
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...
libxslt: use-after-free with key data stored cross-RVT
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the NestedParamsEncoder module through the dehash routine. An attacker can cause the application to crash and exhaust system resources by submitting a deeply nested query string that triggers uncontrolled...
Astra Linux – Vulnerability in Mariadb 10.3
In MariaDB, the getsortbytable function before version 10.6.2 allows an application to crash due to certain uses of the ORDER BY clause...
Astra Linux – Vulnerability in SQLite3
SQLite 3.30.1 improperly handles certain SELECT statements involving a non-existent VIEW, resulting in an application crash...
Astra Linux – Vulnerability in DjVuLibre
A flaw was discovered in djvulibre-3.5.28 and earlier. A malicious read operation in the function DJVU::DataPool::hasdata, through a crafted djvu file, may cause the application to crash and lead to other issues...
Astra Linux – Vulnerability in Nettle
A flaw was discovered in the way Nettle’s RSA decryption functions handled specially crafted ciphertext. An attacker could exploit this flaw to deliver manipulated ciphertext, resulting in application crashes and denial of service...
Astra Linux – Vulnerability in Mariadb 10.3
MariaDB before version 10.6.2 allows an application to crash due to improper handling of a pushdown from a HAVING clause to a WHERE clause...
Astra Linux – Vulnerability in Mariadb 10.3
MariaDB version 10.5.13 allows a hamaria::extra application to crash due to certain SELECT statements...
Astra Linux – Vulnerability in Mariadb 10.3
In MariaDB version 10.5.9, an application can crash due to certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations related to temporary data structures...
Astra Linux – Vulnerability in taglib
TagLib before version 2.0 allows a segmentation violation and causes the application to crash during tag writing when a crafted WAV file is used, in which the id3 chunk is the only valid chunk...
Astra Linux – Vulnerability in Mariadb 10.3
MariaDB before version 10.6.5 has a sqllex.cc integer overflow issue, which can lead to an application crash...
Astra Linux – Vulnerability in glibc
The mqnotify function in the GNU C Library also known as glibc versions 2.32 and 2.33 has a use-after-free vulnerability. It may access the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, resulting in a denial of service...
Astra Linux – Vulnerability in imagemagick
A heap-based buffer overflow vulnerability was discovered in the ImageMagick package, which can cause the application to crash...
CVE-2026-12644
Versions of the package ts-deepmerge before 8.0.0 are vulnerable to Uncaught Exception due to the improper handling of built-in Object.prototype methods such as toString, valueOf. When user-controlled input contains these keys with non-function values, the resulting merged object becomes broken —...