Lucene search
K

12570 matches found

SUSE CVE
SUSE CVE
added 2 days ago3 views

SUSE CVE-2026-42563

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, Dulwich's ProcessMergeDriver substitutes the file path from the git tree, controllable by an attacker via a malicious branch into the merge driver command via the ...

7CVSS5.7AI score0.00084EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago3 views

SUSE CVE-2026-46522

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the iss...

7.5CVSS5.2AI score0.01061EPSS
Exploits2References3
CVE
CVE
added 3 days ago9 views

CVE-2026-1500

GitLab CE/EE (versions 17.10 prior to 18.10.8, 18.11 prior to 18.11.5, and 19.0 prior to 19.0.2) are affected by CVE-2026-1500. An authenticated user could trigger denial of service via uncontrolled resource consumption when processing a specially crafted file upload. The issue has been remediate...

6.5CVSS5.5AI score0.00034EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-36233

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

6.5CVSS5.5AI score0.00034EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago23 views

CVE-2026-1500 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

6.5CVSS0.00034EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 3 days ago4 views

CVE-2026-1500 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

6.5CVSS5.5AI score0.00034EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago5 views

PT-2026-48645

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.10 through 18.10.7 GitLab CE/EE versions 18.11 through 18.11.4 GitLab CE/EE versions 19.0 through 19.0.1 Description An issue exists where an authenticated user can cause a denial of service through uncontrolled resour...

6.5CVSS5.2AI score0.00034EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 3 days ago3 views

GitLab 17.10 < 18.10.8 / 18.11 < 18.11.5 / 19.0 < 19.0.2 (CVE-2026-1500)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an...

6.5CVSS5.5AI score0.00034EPSS
Exploits0References5
Snyk
Snyk
added 4 days ago2 views

Uncontrolled Recursion

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.3AI score0.00013EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago2 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.8CVSS5.3AI score0.00013EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago2 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the MVG decoder when processing a crafted file due to a missing depth or visited-set check. An attacker can cause a denial of service by supplying a specially crafted MVG file that triggers a stack overflow...

6.8CVSS5.3AI score0.00013EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago3 views

Uncontrolled Recursion

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.3AI score0.00013EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago3 views

Uncontrolled Recursion

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.3AI score0.00013EPSS
Exploits0References2
GithubExploit
GithubExploit
added 4 days ago26 views

Exploit for Improper Encoding or Escaping of Output in Cisco Catalyst_Sd-Wan_Manager

CVE-2026-20245 - Cisco SD-WAN Privilege Escalation Exploit !...

7.8CVSS6AI score0.00356EPSS
Exploits1
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-48502

draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.12, a crafted .drawio file can execute arbitrary JavaScript in the editor's origin when the file is opened. The vulnerability is not in the label sanitizer which works correctly on the rendering path but in...

6.1CVSS5.9AI score0.00036EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 5 days ago4 views

CVE-2026-34657 CAI Content Credentials | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in an arbitrary file system write. An attacker could leverage this vulnerability to write to...

5.5CVSS5.6AI score0.00024EPSS
Exploits0References1
NVD
NVD
added 5 days ago6 views

CVE-2026-36722

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

5.4CVSS0.00034EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2025-55659

A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

6.5CVSS0.00032EPSS
Exploits1References2
NVD
NVD
added 5 days ago5 views

CVE-2025-55658

GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gfopusparsepacketheader function mediatools/avparsers.c. bThis vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.5CVSS0.00034EPSS
Exploits1References1
NVD
NVD
added 5 days ago6 views

CVE-2025-52292

A stack buffer overflow in the fileinprocess function infile.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

7.5CVSS0.0004EPSS
Exploits1References2
Rows per page
Query Builder