Lucene search
K

2132 matches found

Amazon
Amazon
added 5 days ago5 views

Important: rclone

Issue Overview: The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size. CVE-2026-46601 The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause...

7.5CVSS5.9AI score0.00346EPSS
Exploits0
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-56810 mint buffers an entire chunked response chunk in memory in Mint.HTTP1.decode_body/5

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS0.00344EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-41839

Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component. The camel-mongodb-gridfs producer selects the GridFS operation to perform from the gridfs.operation Exchange header when the endpoint's operation parameter is not set - which is the...

9.8CVSS6AI score0.00452EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 8:17 p.m.6 views

CVE-2026-59098

LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...

7.1CVSS0.00238EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/02 7:42 p.m.9 views

CVE-2026-59098

LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting missing user-identifier predicates in the chunk model semanticSearch method...

7.1CVSS5.9AI score0.00238EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.5 views

netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline LF characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same...

7.5CVSS6.6AI score0.00631EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53224

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the...

9.1CVSS5.9AI score0.00547EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.5 views

SUSE CVE-2026-53224

In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...

9.1CVSS5.8AI score0.00547EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.8 views

SUSE CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS5.8AI score0.00544EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.8 views

SUSE CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS6AI score0.00481EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 11:54 p.m.7 views

CVE-2026-53224

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. Specifically, improper validation of embedded INIT chunk and address list lengths in SCTP cookies could allow a remote attacker to trigger out-of-bounds reads. This could lead to information disclosur...

9.1CVSS5.9AI score0.00547EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 8:17 p.m.9 views

CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

7.5CVSS0.00339EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 8:17 p.m.3 views

DEBIAN-CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 7:47 p.m.5 views

EUVD-2026-39550

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

5.8AI score0.00339EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 7:47 p.m.5 views

CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

5.8AI score0.00339EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 7:47 p.m.16 views

CVE-2026-46601

The CVE refers to a panic in the golang.org/x/image webp decoder when processing a VP8 chunk whose alpha channel size does not match the canvas size. Affected component: the WebP decoder in x/image/webp. Root cause: mismatch between VP8 chunk dimensions and the canvas size triggers a panic (crash...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 5:47 p.m.8 views

CVE-2026-53225

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted, truncated ASCONF Address Configuration chunk. This can cause the system to read up to 16 bytes of...

9.1CVSS5.8AI score0.00544EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS0.00481EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53224

In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...

9.1CVSS0.00547EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53224

In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...

9.1CVSS5.7AI score0.00547EPSS
Exploits0References6
Rows per page
Query Builder