Lucene search
+L

7064 matches found

snyk
snyk
added 2026/07/01 4:19 p.m.6 views

Deserialization of Untrusted Data

Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization process. An attacker can execute arbitrary code, escalate privileges, tamper with dat...

8.5CVSS6.1AI score0.00169EPSS
Exploits0References2
euvd
euvd
added 2026/07/01 12:26 p.m.9 views

EUVD-2026-40957

A vulnerability in allegroai/clearml versions up to and including 1.16.5 allows for relative path traversal when extracting .zip archives using the ZipFile.extractall method in StorageManager.extracttocache. This issue arises due to the lack of path traversal validation, enabling an attacker to...

2.4CVSS6.5AI score0.00357EPSS
Exploits0References2
euvd
euvd
added 2026/07/01 2:41 a.m.8 views

EUVD-2026-40869

An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser in WinRAR and UnRAR RecVolumes5::ReadHeader in recvol5.cpp. The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...

7.8CVSS7.4AI score0.1308EPSS
Exploits2References2
cvelist
cvelist
added 2026/07/01 12:58 a.m.39 views

CVE-2026-57963 Chat UI manipulation by injection

An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1...

0.00181EPSS
Exploits0References3
nvd
nvd
added 2026/07/01 12:16 a.m.5 views

CVE-2026-54898

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...

2.1CVSS0.00117EPSS
Exploits0References1
osv
osv
added 2026/07/01 12:16 a.m.4 views

UBUNTU-CVE-2026-54900

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled, Oj::Parserparse is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer...

6.3CVSS5.7AI score0.00253EPSS
Exploits0References3
osv
osv
added 2026/06/30 11:39 p.m.2 views

BIT-GHOST-2026-53945 Ghost: Server-side request forgery via DNS rebinding in external request handling

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, Ghost’s private-IP check for outbound HTTP requests could be bypassed via DNS rebinding, allowing an attacker to coerce the Ghost server into reaching hosts on internal networks through features that issue external fetches. Th...

4CVSS5.8AI score0.0014EPSS
Exploits0References2
debiancve
debiancve
added 2026/06/30 11:24 p.m.8 views

CVE-2026-54898

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...

2.1CVSS5.9AI score0.00117EPSS
Exploits0
osv
osv
added 2026/06/30 11:17 p.m.6 views

DEBIAN-CVE-2026-54696

Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dumpobj, io and JSON::Stategenerateobj, io can write past the internal JSON generat...

3.7CVSS6AI score0.00301EPSS
Exploits0References1
cve
cve
added 2026/06/30 11:16 p.m.36 views

CVE-2026-54592

The CVE-2026-54592 vulnerability affects Oj (Optimized JSON), a Ruby gem JSON parser/marshaller. In versions prior to 3.17.3, Oj::Doc#each_child can overflow a fixed-size stack buffer when recursively traversing deeply nested JSON, causing a DoS. The issue arises from a two-step chain in ext/oj/f...

7.5CVSS5.9AI score0.00263EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/30 11:8 p.m.33 views

CVE-2026-54500 Oj: intern.c form_attr has an uninitialized stack read

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized stack memory and, for long keys, reads out of bounds when parsing a JSON object whose key is 254 bytes or longer. The interned bytes can surfac...

5.3CVSS0.00197EPSS
Exploits0References1
osv
osv
added 2026/06/30 10:16 p.m.5 views

UBUNTU-CVE-2026-57204

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAXDECLAREDSTREAMLENGTH is sometimes ignored. This requires parsing a content stream...

6.9CVSS5.7AI score0.00206EPSS
Exploits0References4
osv
osv
added 2026/06/30 10:16 p.m.6 views

UBUNTU-CVE-2026-57585

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This...

7.5CVSS5.7AI score0.00278EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/30 10:5 p.m.24 views

CVE-2026-54696 Ruby JSON: JSON generator heap buffer overflow when streaming to an IO

Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dumpobj, io and JSON::Stategenerateobj, io can write past the internal JSON generat...

3.7CVSS0.00301EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/30 2:28 p.m.34 views

CVE-2026-27881 Coolify: Cross-team deployment information disclosure via GET /api/v1/deployments/{uuid} (IDOR)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, GET /api/v1/deployments/uuid in DeployController.php retrieves deployment details without validating that the deployment belongs to the authenticated user's team. Any...

5CVSS0.00162EPSS
Exploits0References1
nvd
nvd
added 2026/06/30 1:19 p.m.9 views

CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS0.00215EPSS
Exploits0References3
osv
osv
added 2026/06/30 1:19 p.m.15 views

UBUNTU-CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS5.7AI score0.00243EPSS
Exploits0References5
cve
cve
added 2026/06/30 12:1 p.m.13 views

CVE-2026-53433

In fzf, CVE-2026-53433, the DoS arises from inefficient HTTP body processing in the --listen mode due to repeated string concatenation, giving quadratic time (O(n²)) for a crafted POST request with many small segments. This can cause a single malicious request to monopolize the single-threaded HT...

7.5CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
debiancve
debiancve
added 2026/06/30 12:1 p.m.6 views

CVE-2026-53432

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

7.5CVSS5.8AI score0.00243EPSS
Exploits0
euvd
euvd
added 2026/06/30 12:1 p.m.7 views

EUVD-2026-40302

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

5.6CVSS5.8AI score0.00243EPSS
Exploits0References3
Rows per page
Query Builder