Lucene search
K

210 matches found

RedhatCVE
RedhatCVE
added 2026/07/07 5:17 a.m.6 views

CVE-2026-14684

A flaw was found in HdrHistogram. A local attacker can exploit a vulnerability in the decodeFromByteBuffer function by manipulating the numberOfSignificantValueDigits argument. This manipulation leads to uncontrolled memory allocation, which can result in a Denial of Service DoS condition, making...

5CVSS5.6AI score0.0012EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/07/04 11:30 p.m.41 views

CVE-2026-14684 HdrHistogram AbstractHistogram.java memory allocation

A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory...

4.8CVSS0.0012EPSS
Exploits0References6
NVD
NVD
added 2026/06/30 2:16 p.m.12 views

CVE-2026-35097

KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended characters. This issue was fixed in the patch published in June 2026...

6.9CVSS0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 1:37 p.m.32 views

CVE-2026-35097 Weak Password Requirements in KTM System e-BOK

KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended characters. This issue was fixed in the patch published in June 2026...

6.9CVSS0.00249EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 6:16 p.m.10 views

CVE-2026-50171

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber functio...

8.2CVSS0.00161EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 3:49 p.m.35 views

CVE-2026-50171 Angular: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber functio...

8.2CVSS0.00161EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 3:49 p.m.4 views

CVE-2026-50171 Angular: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber functio...

8.2CVSS6AI score0.00161EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/22 3:49 p.m.7 views

CVE-2026-50171

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber functio...

8.2CVSS5.8AI score0.00161EPSS
Exploits0
Veracode
Veracode
added 2026/06/20 7:33 a.m.6 views

Denial Of Service (DoS)

angular/common is vulnerable to Denial of Service DoS. The vulnerability is due to improper validation of the digitsInfo parameter in the formatNumber function, which allows an attacker to supply excessively large fraction digit values that trigger an unbounded loop and excessive memory...

8.2CVSS5.8AI score0.00161EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/15 4:52 p.m.39 views

@angular/common: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)

A Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber function, which is also utilized by DecimalPipe, PercentPipe, and CurrencyPipe, does not properly validate the upper bounds of the digitsInfo parameter. Specifically, the minimum and maximum...

8.2CVSS5.5AI score0.00161EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/15 4:52 p.m.7 views

GHSA-P3VC-36G9-X9GR @angular/common: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)

A Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber function, which is also utilized by DecimalPipe, PercentPipe, and CurrencyPipe, does not properly validate the upper bounds of the digitsInfo parameter. Specifically, the minimum and maximum...

8.2CVSS5.5AI score0.00161EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2026/06/10 12:0 a.m.11 views

Erlang/OTP -- stack overflow in ei_s_print_term for very large integer terms

https://github.com/erlang/otp/security/advisories/GHSA-xcxj-5pg2-v72j reports: Fixed a stack overflow in eisprintterm in erlinterface for very large integer terms more than 2000 hexadecimal digits long...

6.9CVSS5.5AI score0.00136EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/06 2:45 a.m.11 views

SUSE CVE-2026-49940

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One U+0661 were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks...

6.5CVSS5.5AI score0.00196EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/06 2:45 a.m.10 views

SUSE CVE-2026-49942

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One U+0661, or non-digits, which were ignored. This could allow network masks to accept larger networks. Leading zeros were also...

7.3CVSS5.5AI score0.00312EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.12 views

CVE-2026-49942

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One U+0661, or non-digits, which were ignored. This could allow network masks to accept larger networks. Leading zeros were also...

7.3CVSS5.4AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.9 views

CVE-2026-49940

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One U+0661 were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks...

6.5CVSS5.4AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 5:16 p.m.10 views

CVE-2026-49940

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One U+0661 were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks...

6.5CVSS0.00196EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 5:16 p.m.12 views

CVE-2026-49942

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One U+0661, or non-digits, which were ignored. This could allow network masks to accept larger networks. Leading zeros were also...

7.3CVSS0.00312EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/04 4:7 p.m.37 views

CVE-2026-49942 Net::CIDR::Set versions through 0.20 for Perl did not validate network masks

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One U+0661, or non-digits, which were ignored. This could allow network masks to accept larger networks. Leading zeros were also...

0.00312EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 4:7 p.m.3 views

CVE-2026-49942 Net::CIDR::Set versions through 0.20 for Perl did not validate network masks

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One U+0661, or non-digits, which were ignored. This could allow network masks to accept larger networks. Leading zeros were also...

7.3CVSS6AI score0.00312EPSS
Exploits0References7
Rows per page
Query Builder