Lucene search
+L

11670 matches found

Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-50185 RustCrypto Cmov/CmovEq on aarch64 can produce wrong results if high-bits of registers are set

RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. From 0.1.1 until 0.5.4, the aarch64 implementations of Cmov and CmovEq in cmov/src/backends/aarch64.rs assume high bits ar...

2CVSS0.00159EPSS
Exploits0References3
CVE
CVE
added 2 days ago26 views

CVE-2026-48045

The CVE-2026-48045 issue affects python-zeroconf (Zeroconf Pure Python) where AsyncListener.handle_query_or_defer retains every truncated TC-bit mDNS query per source in self._deferred[addr] and arms per-address timers in self._timers[addr]. This unbounded queue growth on LAN-local hosts (UDP/535...

6.5CVSS5.2AI score0.0023EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2 days ago8 views

CVE-2026-40469

A flaw was found in gawk. An integer overflow vulnerability exists in the dosub routine, which could allow an attacker to overwrite internal program data. This can lead to a denial of service DoS by causing the gawk program to crash. This issue affects 32-bit builds of gawk...

9.1CVSS5.3AI score0.00213EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 4 days ago5 views

gawk: gawk: Denial of Service due to integer overflow

A flaw was found in gawk. An integer overflow vulnerability exists in the dosub routine, which could allow an attacker to overwrite internal program data. This can lead to a denial of service DoS by causing the gawk program to crash. This issue affects 32-bit builds of gawk...

9.1CVSS5.3AI score0.00213EPSS
Exploits0References6
OSV
OSV
added 5 days ago4 views

JLSEC-2026-695 The X25519 x86_64 assembly implementation fails to clear the most significant bit during the...

The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...

7.5CVSS6.1AI score0.00263EPSS
Exploits0References5
OSV
OSV
added 5 days ago4 views

JLSEC-2026-709

wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions sp256mul9, sp256sqr9, etc., leading to a timing...

5.9CVSS6.1AI score0.00265EPSS
Exploits0References1
Microsoft Security Update
Microsoft Security Update
added 5 days ago26 views

2026-07 .NET 9.0.18 Security Update for x64 Client (KB5104033)

2026-07 .NET 9.0.18 Security Update for x64 Client KB5104033...

6.1AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 5 days ago7 views

2026-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5099535)

2026-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems KB5099535...

6.1AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 5 days ago7 views

2026-07 .NET 10.0.10 Security Update for x86 Client (KB5104034)

2026-07 .NET 10.0.10 Security Update for x86 Client KB5104034...

6.1AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 5 days ago24 views

2026-07 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5099535)

2026-07 Cumulative Update for Windows Server 2016 for x64-based Systems KB5099535...

6.1AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 5 days ago9 views

2026-07 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 (KB5101007)

2026-07 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 KB5101007...

6.1AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 5 days ago75 views

2026-07 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5099539)

2026-07 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems KB5099539...

6.1AI score
Exploits0
OSV
OSV
added 5 days ago6 views

DEBIAN-CVE-2026-59199

Pillow is a Python imaging library. Prior to 12.3.0, Pillow public image coordinate APIs can trigger a native heap out-of-bounds write when given coordinates near the signed 32-bit integer limits in Image.paste, Image.crop, or Image.alphacomposite. This issue is fixed in version 12.3.0...

7.5CVSS6.1AI score0.0039EPSS
Exploits1References1
CVE
CVE
added 5 days ago11 views

CVE-2026-59199

Pillow (Python imaging library) prior to 12.3.0 is affected by a heap out-of-bounds write in public image coordinate APIs when coordinates near signed 32-bit limits are provided to Image.paste(), Image.crop(), or Image.alpha_composite(). The issue is fixed in 12.3.0. Affected component: Pillow’s ...

7.5CVSS6.1AI score0.0039EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-58090

Name of the Vulnerable Software and Affected Versions Pillow versions prior to 12.3.0 Description Public image coordinate APIs in the Pillow Python imaging library can trigger a native heap out-of-bounds write. This occurs when coordinates near the signed 32-bit integer limits are provided to the...

7.5CVSS6.1AI score0.0039EPSS
Exploits1References25
Cvelist
Cvelist
added 6 days ago42 views

CVE-2026-13221 Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perl_study_chunk

Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perlstudychunk. When such branches are combined into a trie, the delta between the first branch and the shared tail is stored ...

0.00606EPSS
Exploits0References2
NVD
NVD
added 6 days ago6 views

CVE-2026-40469

Integer overflow vulnerability has been found in "builtin.c" program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below...

9.1CVSS0.00213EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 6 days ago6 views

CVE-2026-40469

Integer overflow vulnerability has been found in "builtin.c" program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below...

9.1CVSS6AI score0.00213EPSS
Exploits0References1
CVE
CVE
added 6 days ago12 views

CVE-2026-40469

In the provided documents, CVE-2026-40469 affects gawk, specifically 32-bit builds in versions 5.4.0 and earlier. The root cause is an integer overflow in the do_sub (subroutine) path within builtin.c, which could allow overwriting heap metadata and related objects, potentially causing the progra...

9.1CVSS6AI score0.00213EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-43494

Integer overflow vulnerability has been found in "builtin.c" program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below...

9.1CVSS6AI score0.00213EPSS
Exploits0References2
Rows per page
Query Builder