Lucene search
K

234 matches found

Fedora
Fedora
added 4 days ago10 views

[SECURITY] Fedora 43 Update: python-pendulum-3.2.0-1.fc43

Unlike other datetime libraries for Python, Pendulum is a drop-in replacement for the standard datetime class it inherits from it, so, basically, you can replace all your datetime instances by DateTime instances in you code. It also removes the notion of naive datetimes: each Pendulum instance is...

5.9AI score
Exploits0
Circl
Circl
added 6 days ago7 views

CVE-2026-0282

creationtimestamp| type| source ---|---|--- 2026-07-08 19:03:50+00:00| seen| https://bsky.app/profile/ripjyr.bsky.social/post/3mq5spheeb723 2026-07-09 04:46:18+00:00| seen| https://www.hkcert.org/security-bulletin/palo-alto-products-multiple-vulnerabilities20260709 2026-07-09 21:04:25+00:00| seen...

6.9CVSS6.6AI score0.00357EPSS
Exploits0References4
Circl
Circl
added 2026/07/01 10:26 p.m.8 views

CVE-2026-53340

creationtimestamp| type| source ---|---|--- 2026-07-01 22:26:33+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmkrk2x5l2r...

5.8AI score0.00154EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 1:19 p.m.15 views

CVE-2026-58011

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the gdatetimegetymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the gdatetimeaddfull function is processed. This flaw can corrupt the date output and potentially cause logic errors...

7.5CVSS0.00344EPSS
Exploits1References4
OSV
OSV
added 2026/06/30 1:19 p.m.5 views

UBUNTU-CVE-2026-58011

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the gdatetimegetymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the gdatetimeaddfull function is processed. This flaw can corrupt the date output and potentially cause logic errors...

7.5CVSS5.7AI score0.00344EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/30 12:57 p.m.47 views

CVE-2026-58011 Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the gdatetimegetymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the gdatetimeaddfull function is processed. This flaw can corrupt the date output and potentially cause logic errors...

6.5CVSS0.00344EPSS
Exploits1References3
CVE
CVE
added 2026/06/30 12:57 p.m.19 views

CVE-2026-58011

CVE-2026-58011 (GLib) : A flaw in GLib’s g_date_time_get_ymd (glib/gdatetime.c) allows an out-of-bounds read of 2 bytes when an invalid GDateTime object from g_date_time_add_full is processed. This can corrupt date output and potentially cause logic errors leading to a denial of service. Exploita...

7.5CVSS5.7AI score0.00344EPSS
Exploits1References4Affected Software2
Vulnrichment
Vulnrichment
added 2026/06/30 12:57 p.m.7 views

CVE-2026-58011 Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the gdatetimegetymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the gdatetimeaddfull function is processed. This flaw can corrupt the date output and potentially cause logic errors...

6.5CVSS5.7AI score0.00344EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/06/30 12:57 p.m.6 views

CVE-2026-58011

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the gdatetimegetymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the gdatetimeaddfull function is processed. This flaw can corrupt the date output and potentially cause logic errors...

7.5CVSS5.7AI score0.00344EPSS
Exploits1References4
Circl
Circl
added 2026/06/18 8:15 a.m.22 views

CVE-2026-10736

creationtimestamp| type| source ---|---|--- 2026-06-18 08:15:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mokf5nzsdj2z 2026-06-19 02:33:25+00:00| seen| https://bsky.app/profile/pmloik.bsky.social/post/3momciyt73y2g...

4.9CVSS5.8AI score0.00363EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.11 views

CVE-2026-44241

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. From 4.3.0 to before 4.10.22, TimeConverterRegistrar caches DateTimeFormatter instances in an unbounded ConcurrentHashMap whose key is derived from the @Format annotation...

7.5CVSS5.6AI score0.0055EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.11 views

CVE-2026-44375

Nerdbank.MessagePack is a NativeAOT-compatible MessagePack serialization library. Prior to 1.1.62, Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack payload can declare an oversized timestamp extension length, causing the...

7.5CVSS5.6AI score0.00358EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 12:30 a.m.14 views

EUVD-2026-34055

The EmergencyWP – Dead Man's switch & legacy deliverance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the formsettingsui settings save handler, procedural include scope functio...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/02 11:27 p.m.47 views

CVE-2026-9732 EmergencyWP <= 1.4.2 - Cross-Site Request Forgery to Plugin Settings Update

The EmergencyWP – Dead Man's switch & legacy deliverance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the formsettingsui settings save handler, procedural include scope functio...

4.3CVSS0.00128EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/14 2:32 p.m.12 views

CVE-2026-44375

Nerdbank.MessagePack is a NativeAOT-compatible MessagePack serialization library. Prior to 1.1.62, Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack payload can declare an oversized timestamp extension length, causing the...

7.5CVSS5.9AI score0.00358EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/12 9:20 p.m.6 views

CVE-2026-44241 Micronaut Framework: Unbounded formattersCache in TimeConverterRegistrar Allows Memory Exhaustion via Accept-Language Header

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. From 4.3.0 to before 4.10.22, 3.10.6, and 3.8.14, TimeConverterRegistrar caches DateTimeFormatter instances in an unbounded ConcurrentHashMap whose key is derived from the...

7.5CVSS6.2AI score0.0055EPSS
Exploits0References9
Circl
Circl
added 2026/05/12 4:57 a.m.11 views

CVE-2026-40136

creationtimestamp| type| source ---|---|--- 2026-05-12 04:57:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlmyt54c6l2p 2026-05-12 14:20:29+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybnopq22h 2026-05-12 14:25:07+00:00| seen|...

4.3CVSS5.8AI score0.0029EPSS
Exploits0References3
Circl
Circl
added 2026/05/09 9:49 p.m.13 views

CVE-2026-42571

creationtimestamp| type| source ---|---|--- 2026-05-09 21:49:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlh7zev7at2t 2026-05-10 00:00:43+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mlhhd4dhnd2p 2026-05-10 00:01:03+00:00| seen|...

9CVSS5.8AI score0.0032EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-016813)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016813 advisory. A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfromiso8601 function...

3.7CVSS6AI score0.00447EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/06 8:0 p.m.13 views

Micronaut has unbounded `formattersCache` in `TimeConverterRegistrar` that Allows Memory Exhaustion via `Accept-Language` Header

Summary TimeConverterRegistrar caches DateTimeFormatter instances in an unbounded ConcurrentHashMap whose key is derived from the @Format annotation pattern concatenated with the locale from the HTTP Accept-Language header. Because Locale.forLanguageTag accepts arbitrary BCP 47 private-use...

7.5CVSS5.9AI score0.0055EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder