Lucene search
K

3338 matches found

RedHat Linux
RedHat Linux
added 4 days ago4 views

brace-expansion: Brace-expansion: Denial of Service due to exponential-time complexity

A flaw was found in brace-expansion. An attacker can exploit a vulnerability in the expand function by providing a specially crafted string. This string, containing consecutive non-expanding brace groups, can trigger exponential-time complexity, leading to significant CPU consumption and event-lo...

8.7CVSS6.2AI score0.00361EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 5 days ago3 views

assertj: AssertJ: Information disclosure and denial of service via XML External Entity (XXE)

A flaw was found in AssertJ. An XML External Entity XXE vulnerability exists in the XmlStringPrettyFormatter component, which is used by the isXmlEqualToCharSequence assertion. If an application processes untrusted XML input using these methods, a remote attacker could exploit this flaw to read...

9.1CVSS7.2AI score0.00542EPSS
Exploits0References8
OSV
OSV
added 6 days ago2 views

CVE-2026-44161 Fluentd: Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`

Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. Prior to 1.19.3, the Fluentd outhttp output plugin allows placeholders such as $tag in the endpoint configuration parameter, and if a placeholder value is derived from untrusted...

7.2CVSS7.1AI score0.00449EPSS
Exploits0References6
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-44161 Fluentd: Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`

Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. Prior to 1.19.3, the Fluentd outhttp output plugin allows placeholders such as $tag in the endpoint configuration parameter, and if a placeholder value is derived from untrusted...

7.2CVSS0.00449EPSS
Exploits0References4
NVD
NVD
added 6 days ago8 views

CVE-2026-54590

AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig.settokens that blocks /, , and .. before %u substitution in...

5.9CVSS0.00285EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-54590 AsyncSSH AuthorizedKeysFile username substitution bypass through ~ and environment expansion

AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig.settokens that blocks /, , and .. before %u substitution in...

5.9CVSS0.00285EPSS
Exploits0References3
CVE
CVE
added 6 days ago6 views

CVE-2026-54590

AsyncSSH (Python, v2.23.0) contains an incomplete fix for CVE-2026-45309 in SSHServerConfig._set_tokens that blocks /, , and .. before %u substitution in AuthorizedKeysFile but fails to block a leading ~ or ${ENV}. This allows later expansion in _expand_val and Path(filename).expanduser() to esca...

5.9CVSS6AI score0.00285EPSS
Exploits0References3
OSV
OSV
added 6 days ago7 views

BIT-LIBPHP-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/06 8:24 p.m.8 views

EUVD-2026-25012

mv: symlinks expanded during cross-device move resource exhaustion / data duplication...

6.6CVSS5.9AI score0.00161EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 3:28 p.m.13 views

BIT-PYTHON-MIN-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

7.1CVSS7.1AI score0.0029EPSS
Exploits0References58
OSV
OSV
added 2026/07/06 3:28 p.m.6 views

BIT-PYTHON-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References58
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2018-25282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential...

6.9CVSS6AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 4:5 p.m.7 views

GHSA-MHQ8-78PJ-5J79 OpenClaw's POSIX node system.run safe-bin allowlist could be widened by shell expansion

Summary On POSIX nodes, OpenClaw's system.run safe-bin checks could approve a command before shell expansion changed how the command was interpreted. A value that appeared to be a safe-bin argument could expand into additional shell words and become a file operand. This issue is limited to paired...

7.1CVSS6.1AI score0.00191EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 2:13 p.m.3 views

PYSEC-2026-741 XML Entity Expansion in trytond and proteus

An XML Entity Expansion XEE issue was discovered in Tryton Application Platform Server 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform Command Line Client proteus 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. A...

7.5CVSS6AI score0.01927EPSS
Exploits0References10
EUVD
EUVD
added 2026/07/01 8:51 p.m.8 views

EUVD-2026-40297

Rancher has over-inclusive team membership expansion in GitHub App authentication provider...

8.8CVSS5.8AI score0.0037EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/07/01 3:35 a.m.6 views

SUSE CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...

7.5CVSS5.7AI score0.00361EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive...

8.7CVSS6.2AI score0.00361EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/30 6:32 p.m.18 views

EUVD-2026-31974

obanweb: Unbounded range expansion in cron describe causes memory exhaustion...

5.9CVSS5.8AI score0.00341EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/30 2:51 p.m.7 views

CVE-2026-13149

A flaw was found in brace-expansion. An attacker can exploit a vulnerability in the expand function by providing a specially crafted string. This string, containing consecutive non-expanding brace groups, can trigger exponential-time complexity, leading to significant CPU consumption and event-lo...

8.7CVSS5.8AI score0.00361EPSS
Exploits0References5
NVD
NVD
added 2026/06/30 12:16 p.m.8 views

CVE-2026-41053

Incorrect authentication caching in the team member ship expansion of the Rancher Github authentication provider caused it granting principal access to any logged in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2...

8.8CVSS0.0037EPSS
Exploits0References1
Rows per page
Query Builder