Lucene search
K

361973 matches found

Cvelist
Cvelist
added last week29 views

CVE-2026-44017 Docling: Unsafe Zip Extraction in EasyOCR Model Download

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the EasyOCR model download functionality extracted ZIP archives without validating member paths, enabling Zip Slip attacks. If an attacker could compromi...

7.5CVSS0.00478EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added last week5 views

CVE-2026-44017 Docling: Unsafe Zip Extraction in EasyOCR Model Download

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the EasyOCR model download functionality extracted ZIP archives without validating member paths, enabling Zip Slip attacks. If an attacker could compromi...

7.5CVSS6.7AI score0.00478EPSS
Exploits0References2
NVD
NVD
added last week9 views

CVE-2026-55488

motionEye mEye is an online interface for a piece of software called "motion," which is a video surveillance program with motion detection. Versions prior to 0.44.0 contain an absolute path traversal vulnerability in multiple media file handlers that allows an attacker to read arbitrary files fro...

8.7CVSS0.00623EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added last week4 views

CVE-2026-12866

A flaw was found in expr-eval. A remote attacker can exploit this vulnerability by supplying crafted expressions to the toJSFunction API. These expressions are then compiled into native code using new Function, allowing the attacker to execute arbitrary JavaScript code. This can lead to arbitrary...

9.8CVSS6.6AI score0.00454EPSS
Exploits0References6
CVE
CVE
added last week13 views

CVE-2026-55488

CVE-2026-55488 (motionEye) is an absolute path traversal in motionEye prior to 0.44.0, affecting media file handlers that accept a user-controlled filename and build paths with os.path.join(). When an absolute path is provided, the target directory is ignored and the attacker-controlled path is u...

8.7CVSS6AI score0.00623EPSS
Exploits0References1
Cvelist
Cvelist
added last week36 views

CVE-2026-55488 motionEye's Absolute Path Traversal in Media File Handlers Allows Arbitrary File Read

motionEye mEye is an online interface for a piece of software called "motion," which is a video surveillance program with motion detection. Versions prior to 0.44.0 contain an absolute path traversal vulnerability in multiple media file handlers that allows an attacker to read arbitrary files fro...

8.7CVSS0.00623EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added last week4 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
Cvelist
Cvelist
added last week31 views

CVE-2026-57280

Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not intercept the implicit type casts applied to the elements of typed for-each loops in sandboxed Groovy scripts, allowing attackers able to provide such scripts to invoke arbitrary constructors and bypass the sandbox protection...

0.00372EPSS
Exploits0References1
NVD
NVD
added last week9 views

CVE-2026-56761

hono before 4.12.14 contains an html injection vulnerability in jsx server-side rendering that allows attackers to inject unintended html by using malformed attribute names. Attackers can craft specially crafted attribute keys containing characters like quotes or angle brackets to break html tag...

5.3CVSS0.00174EPSS
Exploits0References2
NVD
NVD
added last week10 views

CVE-2026-13163

Open redirect vulnerability CWE-601 in the saferedirect function of the click-tracking endpoint /c// in Mailerup 1.0.0 on all platforms allows remote unauthenticated attackers to redirect victims to arbitrary external sites and conduct phishing attacks via a crafted u query parameter, because the...

5.3CVSS0.00329EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added last week4 views

Moderate: Red Hat Security Advisory: libpng12 security update

An update for libpng12 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...

7.5CVSS6.8AI score0.01052EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added last week4 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added last week4 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added last week7 views

Moderate: Red Hat Security Advisory: libpng15 security update

An update for libpng15 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...

7.5CVSS6.8AI score0.01052EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added last week4 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added last week4 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
EUVD
EUVD
added last week8 views

EUVD-2026-38759

Open redirect vulnerability CWE-601 in the saferedirect function of the click-tracking endpoint /c// in Mailerup 1.0.0 on all platforms allows remote unauthenticated attackers to redirect victims to arbitrary external sites and conduct phishing attacks via a crafted u query parameter, because the...

5.3CVSS6.1AI score0.00329EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added last week6 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added last week7 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added last week6 views

Moderate: Red Hat Security Advisory: libpng12 security update

An update for libpng12 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerabili...

7.5CVSS6.8AI score0.01052EPSS
Exploits1References2
Rows per page
Query Builder