Lucene search
K

711 matches found

Cvelist
Cvelist
added 4 days ago38 views

CVE-2026-14454 Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

0.00394EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 3:11 p.m.15 views

CVE-2026-24264

CVE-2026-24264 affects NVIDIA Triton Inference Server for Linux. The security bulletin documents that an attacker can cause improper handling of highly compressed data, with the impact being denial of service . The vulnerability is addressed by updating to Triton Server r26.04 or later . Affected...

7.5CVSS5.8AI score0.00774EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/30 11:7 a.m.2 views

SUSE-SU-2026:22458-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...

9.8CVSS6.6AI score0.93235EPSS
Exploits44References350
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/06/29 5:18 a.m.8 views

Multiple vulnerabilities in Fluentd

Overview Fluentd provided by Fluentd Project contains multiple vulnerabilities listed below. Path traversal in $tag Placeholder CWE-22 - CVE-2026-44024 Missing authentication for critical function in Monitor Agent API CWE-306 - CVE-2026-44025 Improper handling of highly compressed data in inhttp...

9.8CVSS6AI score0.01107EPSS
Exploits0References17
NVD
NVD
added 2026/06/26 9:16 p.m.12 views

CVE-2026-54350

Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body collection and, where the builder has published a PUBLIC write...

10CVSS0.00538EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.7 views

CVE-2026-53015

A flaw was found in the Linux kernel's erofs filesystem. On 32-bit platforms, the lcn variable, used for logical cluster numbers, was defined as a 32-bit integer. This could lead to truncation when calculating offsets larger than 4 Gigabytes GiB, potentially causing incorrect data handling within...

5.5CVSS5.8AI score0.00168EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ext4: Do not zero the entire extent if EXT4EXTDATAPARTIALVALID1 is true. When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, the...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 a.m.7 views

CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

6.5CVSS0.00106EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 5:17 a.m.5 views

UBUNTU-CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

6.5CVSS5.9AI score0.00106EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:37 a.m.11 views

CVE-2026-9539

CVE-2026-9539 affects freedesktop.org libslirp (prior to v4.9.2) used on hypervisor host environments (e.g., QEMU). A vulnerability in the TCP urgent data handling (sosendoob) can cause an out-of-bounds heap read and integer underflow, enabling a privileged guest VM attacker (root or CAP_NET_RAW)...

6.5CVSS5.9AI score0.00106EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:37 a.m.10 views

EUVD-2026-38654

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

6.5CVSS5.9AI score0.00106EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51663

Name of the Vulnerable Software and Affected Versions libslirp versions prior to v4.9.2 Description An integer underflow and out-of-bounds heap read exist in the TCP urgent data handling sosendoob within hypervisor host environments, such as QEMU. A privileged guest VM attacker with root or CAP N...

6.5CVSS5.8AI score0.00106EPSS
Exploits0References11
OSV
OSV
added 2026/06/22 2:45 p.m.3 views

OPENSUSE-SU-2026:21016-1 Security update for mutt

This update for mutt fixes the following issues - CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. - CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. - CVE-2026-43861: missing check for \0 in urlpctdecode...

3.7CVSS5.8AI score0.00201EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.13 views

PT-2026-49738

Name of the Vulnerable Software and Affected Versions NLTK versions prior to 3.10.0-rc1 Description The nltk.data.load function is subject to path traversal when using the nltk: URL scheme. The issue arises because the UNSAFE NO PROTOCOL RE regex check is performed on the raw resource string befo...

7.5CVSS6AI score0.00378EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

EulerOS Virtualization 2.13.0 : libsodium (EulerOS-SA-2026-2175)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

4.5CVSS5.6AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.12.1 : expat (EulerOS-SA-2026-2073)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...

7.8CVSS5.8AI score0.00193EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.11 views

CVE-2026-44483

RVF formerly Remix Validated Form provides easy form validation and state management for React. From 6.0.0 to before 6.0.4 and 7.0.2, setPath in @rvf/set-get used by @rvf/core to flatten incoming form data into a nested object does not block the keys proto, constructor, or prototype when walking ...

8.2CVSS5.6AI score0.00271EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/01 6:51 p.m.14 views

OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

2.5CVSS5.8AI score0.0013EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/05/27 8:9 p.m.10 views

CVE-2026-46071

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM subsystem, specifically affecting its nested virtualization nSVM capabilities. The issue arises from incorrect handling of Virtual Machine Control Block Last Branch Record VMCBLBR data when copied to vmcb12, an operation that...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.20 views

PT-2026-43725

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system when allocating initialized blocks from a large unwritten extent or splitting an unwritten extent during end I/O. A potential for stale data occur...

5.4AI score0.00155EPSS
Exploits0References14
Rows per page
Query Builder