Lucene search
+L

996 matches found

cve
cve
added 2 days ago20 views

CVE-2026-46635

Twig before 3.26.0 allows a sandbox bypass via the column filter (array_column on objects): when rendering with column in allowedFilters, object arrays passed to PHP’s array_column() read public and magic properties directly, bypassing SandboxExtension::checkPropertyAllowed(). This bypass occurs ...

5.3CVSS6.1AI score0.00371EPSS
Exploits0References3Affected Software1
redhat
redhat
added 2026/07/09 3:29 p.m.3 views

netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays

A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by sending a specially crafted Redis payload containing deeply nested arrays. This action forces the server to allocate a large number of state objects and collections, leading to memory exhaustion...

7.5CVSS5.9AI score0.0038EPSS
Exploits0References7
osv
osv
added 2026/07/08 8:47 p.m.2 views

CVE-2026-49866 libp2p: CPU DoS via oversized IHAVE and IWANT control message arrays

libp2p is a JavaScript Implementation of libp2p networking stack. Prior to 16.0.0, @libp2p/gossipsub defaultDecodeRpcLimits set maxIhaveMessageIDs and maxIwantMessageIDs to Infinity, allowing oversized IHAVE and IWANT control message arrays in message/decodeRpc.ts and gossipsub.ts to synchronousl...

7.5CVSS6.1AI score0.00446EPSS
Exploits0References6
osv
osv
added 2026/07/06 6:26 a.m.5 views

OESA-2026-2806 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.1CVSS6.1AI score0.00165EPSS
Exploits2References4
osv
osv
added 2026/07/06 6:26 a.m.4 views

OESA-2026-2805 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.1CVSS6.1AI score0.00165EPSS
Exploits2References4
osv
osv
added 2026/07/06 6:25 a.m.5 views

OESA-2026-2804 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.1CVSS6.1AI score0.00165EPSS
Exploits2References4
osv
osv
added 2026/07/02 2:13 p.m.3 views

PYSEC-2026-723 Out-of-bounds Read in OpenCV

An out-of-bounds read was discovered in OpenCV before 4.1.1 OpenCV-Python before 4.1.0.25. Specifically, variable coarsestscale is assumed to be greater than or equal to finestscale within the calc/oclcalc functions in disflow.cpp. However, this is not true when dealing with small images, leading...

6.5CVSS6.5AI score0.01742EPSS
Exploits1References8
ossf
ossf
added 2026/06/29 8:52 a.m.10 views

Malicious code in endpointmap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa2ddbcbdd90508af14415a021644c1ab8a57e432b526425e4c5128b23f897bb endpointmap advertises itself as a REST endpoint registry but exhibits a two-package smuggle pattern. lib/registry.js exports two non-printable byte...

5.8AI score
Exploits0References3
osv
osv
added 2026/06/29 8:52 a.m.8 views

MAL-2026-6588 Malicious code in endpointmap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa2ddbcbdd90508af14415a021644c1ab8a57e432b526425e4c5128b23f897bb endpointmap advertises itself as a REST endpoint registry but exhibits a two-package smuggle pattern. lib/registry.js exports two non-printable byte...

5.8AI score
Exploits0References3
cve
cve
added 2026/06/25 10:39 p.m.25 views

CVE-2026-40083

Cacti 1.2.30 and earlier are impacted by an SQL Injection in managers.php. The vulnerability arises from unsanitized data flow: user-supplied selected_graphs_array is deserialized via cacti_unserialize (unserialize with allowed_classes = false), then deserialized values are directly concatenated ...

7.2CVSS6AI score0.00279EPSS
Exploits1References2Affected Software1
euvd
euvd
added 2026/06/25 9:31 p.m.11 views

EUVD-2026-38363

MessagePack-CSharp: Typeless deserialization type restrictions do not recurse into arrays or generic arguments...

7.5CVSS5.9AI score0.00246EPSS
Exploits0References2
osv
osv
added 2026/06/25 9:31 p.m.4 views

GHSA-QHMF-XW27-6RQR MessagePack-CSharp: Typeless deserialization type restrictions do not recurse into arrays or generic arguments

Summary MessagePack-CSharp's typeless deserialization includes MessagePackSerializerOptions.ThrowIfDeserializingTypeIsDisallowedType as a safety check for dangerous types. The default implementation checks the outer type name, but it does not recursively inspect array element types or generic typ...

6.3CVSS5.9AI score0.00246EPSS
Exploits0References3
euvd
euvd
added 2026/06/25 9:26 p.m.11 views

EUVD-2026-38381

MessagePack-CSharp: Multi-dimensional array formatters allocate from unchecked dimensions...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References2
osv
osv
added 2026/06/25 9:26 p.m.6 views

GHSA-CXMJ-83GH-FP49 MessagePack-CSharp: Multi-dimensional array formatters allocate from unchecked dimensions

Summary MessagePack-CSharp's multi-dimensional array formatters read dimension lengths directly from the payload and allocate T,, T,,, or T,,, before validating that the dimension product matches the encoded element count. The formatter reads a guarded element array header, but allocation of the...

6.3CVSS5.9AI score0.00231EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/06/25 5:22 p.m.6 views

CVE-2026-47770

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS5.9AI score0.00111EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2026/06/25 5:22 p.m.40 views

CVE-2026-47770 jq: stack overflow in deep structural equality

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS0.00111EPSS
Exploits1References1
cve
cve
added 2026/06/25 5:22 p.m.40 views

CVE-2026-47770

The CVE-2026-47770 issue affects jq (the JSON processor) where comparing deeply nested arrays with the == operator can cause stack exhaustion via recursive structural comparison in src/jv.c (jvp_array_equal, jv_equal) and overflow in jv_cmp in src/jv_aux.c. This leads to a denial of service on at...

6.8CVSS5.9AI score0.00111EPSS
Exploits1References1Affected Software1
alpinelinux
alpinelinux
added 2026/06/25 5:22 p.m.9 views

CVE-2026-47770

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS5.9AI score0.00111EPSS
Exploits1References1
redhat
redhat
added 2026/06/23 6:48 p.m.9 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
nvd
nvd
added 2026/06/22 10:16 p.m.14 views

CVE-2026-48517

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's typeless deserialization includes MessagePackSerializerOptions.ThrowIfDeserializingTypeIsDisallowedType as a safety check for dangerous types. The default implementation checks the outer type nam...

7.5CVSS0.00246EPSS
Exploits0References1
Rows per page
Query Builder