Lucene search
K

119 matches found

Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-57249 Foxit PDF Editor/Reader Annotation Use-After-Free Vulnerability

After the application opened the PDF file, the script first reset the annotation status, then triggered the reset form event by additional action. During the re-entry process, the application access invalid objects and crashed...

7.8CVSS0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 1:14 a.m.10 views

CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.6AI score0.02806EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in libexif

In libexif versions up to 0.6.25, a integer underflow in size checking for Fuji and Olympus MakerNote decoding could be exploited by attackers to cause programs that use libexif to crash or leak information...

7.1CVSS7AI score0.0014EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Dbus

A issue was discovered in D-Bus before 1.12.24, 1.13.x, and 1.14.x, before 1.14.4, and 1.15.x, before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where the array length is inconsistent with the size of the element...

6.5CVSS6.7AI score0.0131EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/17 3:27 p.m.21 views

CVE-2026-1288 RFA File Parsing Vulnerability in Autodesk Revit

A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk Revit, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition...

5.5CVSS0.00116EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.12 views

CVE-2026-44844

emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who ca...

6.3CVSS5.5AI score0.00395EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 5:18 p.m.16 views

EUVD-2026-33722

Thor Vector Graphics ThorVG is a production-ready vector graphics engine. Prior to version 1.0.5, a null pointer dereference in SvgLoader::run allows any caller that passes untrusted SVG data to Picture::load to crash the process with a 6-byte payload. This issue has been patched in version 1.0.5...

4.3CVSS5.8AI score0.00235EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.9 views

EUVD-2026-27812

In the Linux kernel, the following vulnerability has been resolved: HID: prodikeys: Check presence of pm-inputep82 Fake USB devices can send their own report descriptors for which the inputmapping hook does not get called. In this case, pm-inputep82 stays NULL, which leads to a crash later. This...

5.7AI score0.00123EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.8 views

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

6.1CVSS5.2AI score0.00362EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/04/23 1:24 a.m.11 views

SUSE CVE-2026-33593

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query...

7.5CVSS5.7AI score0.00381EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/22 2:16 p.m.10 views

CVE-2026-33593

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-34437

Name of the Vulnerable Software and Affected Versions PowerDNS dnsdist versions 1.9.0 through 1.9.12 PowerDNS dnsdist versions 2.0.0 through 2.0.3 Description An unauthenticated remote attacker can cause a denial-of-service by sending a crafted DNSCrypt query. This action triggers a divide-by-zer...

8.2CVSS5.2AI score0.00731EPSS
Exploits0References49
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-35215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdldesc function does not validate the lengt...

7.5CVSS7AI score0.00466EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.7 views

CVE-2026-5440

A memory exhaustion vulnerability exists in the HTTP server due to unbounded use of the Content-Length header. The server allocates memory directly based on the attacker supplied header value without enforcing an upper limit. A crafted HTTP request containing an extremely large Content-Length val...

7.5CVSS5.8AI score0.00566EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/13 11:8 p.m.10 views

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error in the MSL decoder process. An attacker can cause a crash by providing a specially crafted MSL file. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - GitHub Commit ...

6.8CVSS5.8AI score0.00177EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/12 7:7 p.m.9 views

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound via the MakerNote decoding process for Fuji and Olympus cameras. An attacker can cause a crash or leak information by providing specially crafted image files. Remediation Upgrade libexif to version...

7.1CVSS5.3AI score0.0014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31411

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: atm: fix crash due to unvalidated vcc pointer in sigdsend Reproducer available at 1. The ATM send path sendmsg - vccsendmsg - sigdsend reads the vcc point...

5.5CVSS6AI score0.00125EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/05 8:45 p.m.24 views

CVE-2019-25666 SpotAuditor 3.6.7 Denial of Service Buffer Overflow

SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition...

6.9CVSS0.00237EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.10 views

PT-2026-30411

A race condition during TCP connection teardown can cause tcp recv to operate on a connection that has already been released. If tcp conn search returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcp backlog is full and dereferenced without...

6.4CVSS5.8AI score0.00198EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2025-58136

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 throug...

7.5CVSS5.9AI score0.00673EPSS
Exploits0References3
Rows per page
Query Builder