Lucene search
+L

17029 matches found

CVE
CVE
added 2 days ago11 views

CVE-2026-59860

Kiota is an OpenAPI-based HTTP client code generator. Prior to 1.32.3, it is affected by a code-generation injection in the C# XML documentation-comment sink when OpenAPI descriptions are written into single-line /// comments without stripping newline/Unicode terminators, allowing injection into ...

8.7CVSS6.1AI score0.01016EPSS
Exploits0References4
OSV
OSV
added 2 days ago4 views

UBUNTU-CVE-2026-38753

A use-after-free in the awksub function editors/awk.c of Busybox...

7.5CVSS6.1AI score0.00278EPSS
Exploits0References2
NVD
NVD
added 3 days ago8 views

CVE-2026-38752

A stack overflow in the evaluate function editors/awk.c of BusyBox commit 371fe9 allows attackers to cause a Denial of Service DoS via supplying a crafted AWK script...

7.5CVSS0.00307EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 3 days ago9 views

PT-2026-60313

Name of the Vulnerable Software and Affected Versions Busybox version 1.38.0 Description A heap overflow occurs in the ifsbreakup function located in shell/ash.c. This issue allows attackers to cause a Denial of Service DoS by providing a specially crafted input. A heap overflow is a memory...

6.1AI score0.00307EPSS
Exploits0References4
OSV
OSV
added 4 days ago5 views

CVE-2026-49854 Tornado: Out-of-bounds memory access in C extension

Tornado is a Python web framework and asynchronous networking library. Prior to 6.5.6, the optional native extension tornado.speedups implemented websocketmask without validating that the mask argument is exactly four bytes, allowing the C function to read up to three bytes beyond the provided...

5.3CVSS6.1AI score0.0045EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago41 views

CVE-2026-40469 Heap buffer overflow in gawk

Integer overflow vulnerability has been found in "builtin.c" program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below...

5.1CVSS0.00213EPSS
Exploits0References2
Fedora
Fedora
added 6 days ago7 views

[SECURITY] Fedora 44 Update: log4cxx-1.7.0-2.fc44

Log4cxx is a popular logging package written in C++. One of its distinctive features is the notion of inheritance in loggers. Using a logger hierarchy it is possible to control which log statements are output at arbitrary granularity. This helps reduce the volume of logged output and minimize the...

6.3CVSS6.2AI score0.00499EPSS
Exploits0
Fedora
Fedora
added 2026/07/11 1:12 a.m.6 views

[SECURITY] Fedora 44 Update: perl-HTML-Gumbo-0.19-1.fc44

Gumbo is an implementation of the HTML5 parsing algorithm implemented as a pure C99 library with no outside dependencies...

9.8CVSS6.1AI score0.00663EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/10 7:19 a.m.32 views

CVE-2026-40454 Apache IoTDB C++ client: Out-of-bounds reads in C++ client TsBlock deserializer crash client process on malformed server data

Out-of-bounds Read, Improper Input Validation vulnerability in Apache IoTDB C++ client. Out-of-bounds reads in IoTDB C++ client TsBlock deserializer crash client process on malformed server data. This issue affects Apache IoTDB C++ client: from 1.3.5 before 1.3.8, from 2.0.5 before 2.0.10. Users...

0.00278EPSS
Exploits0References1
Fedora
Fedora
added 2026/07/10 12:54 a.m.7 views

[SECURITY] Fedora 44 Update: c-ares-1.34.7-1.fc44

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

5.9AI score
Exploits0
OSV
OSV
added 2026/07/10 12:0 a.m.4 views

UBUNTU-CVE-2026-59858

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a :vimgrep pattern that is run through :execute. Because :vimgrep honor...

8.4CVSS6.2AI score0.00137EPSS
Exploits0References5
NVD
NVD
added 2026/07/09 11:17 p.m.6 views

CVE-2026-59858

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a :vimgrep pattern that is run through :execute. Because :vimgrep honor...

8.4CVSS0.00137EPSS
Exploits0References2
CVE
CVE
added 2026/07/09 10:37 p.m.14 views

CVE-2026-59858

Vim prior to 9.2.0735 is affected by CVE-2026-59858 where the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: entry field into a :vimgrep pattern without escaping. This allows a crafted tag field to close the search pattern and append an arbitrary...

8.4CVSS6AI score0.00137EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/07/09 10:37 p.m.13 views

CVE-2026-59858

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a :vimgrep pattern that is run through :execute. Because :vimgrep honor...

8.4CVSS6.2AI score0.00137EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/09 5:24 p.m.13 views

glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

A flaw was found in glibc GNU C Library. This vulnerability occurs when an application uses the scanf family of functions with a %mc format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination c...

9.8CVSS6.1AI score0.00502EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/07/09 5:24 p.m.11 views

Moderate: Red Hat Security Advisory: compat-glibc security update

An update for compat-glibc is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

9.8CVSS6AI score0.00502EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/07/09 9:10 a.m.8 views

CVE-2026-33630

A flaw was found in c-ares. A use-after-free / double-free vulnerability exists in the query-completion handling path, where a query callback is invoked while the query is still linked in internal lookup structures. A remote attacker can exploit this via aresgetaddrinfo over TCP by sending crafte...

7.5CVSS6AI score
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/07/09 12:0 a.m.5 views

cargo-c-0.10.23-1.1 on GA media (moderate)

cargo-c-0.10.23-1.1 on GA media Announcement ID: openSUSE-SU-2026:11210-1 Rating: moderate Cross-References: CVE-2026-41676 CVE-2026-41677 CVE-2026-41678 CVE-2026-41681 CVE-2026-41898 CVE-2026-42327 CVE-2026-44662 CVE-2026-45784 CVSS scores: CVE-2026-41676 SUSE : 6.5...

8.7CVSS5.9AI score0.00359EPSS
Exploits0
EUVD
EUVD
added 2026/07/08 2:55 p.m.6 views

EUVD-2026-42275

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS5.9AI score0.00329EPSS
Exploits0References1
OSV
OSV
added 2026/07/08 12:0 a.m.2 views

OPENSUSE-SU-2026:11210-1 cargo-c-0.10.23-1.1 on GA media

These are all security issues fixed in the cargo-c-0.10.23-1.1 package on the GA media of openSUSE Tumbleweed...

9.3CVSS6.1AI score0.00359EPSS
Exploits0References8
Rows per page
Query Builder