59132 matches found
EUVD-2026-28435
A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The...
EUVD-2026-28425
ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...
CVE-2026-8113 8421bit MiniClaw executeSkillScript kernel.ts isPathInside path traversal
A vulnerability was determined in 8421bit MiniClaw up to 43905b934cf76489ab28e4d17da28ee97970f91f. Affected by this vulnerability is the function isPathInside of the file src/kernel.ts of the component executeSkillScript. Executing a manipulation can lead to path traversal. It is possible to laun...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the SWfinfo function of the HDF-EOS Grid File Handler componet. An attacker can cause a denial of service by supplying a specially crafted HDF-EOS swath file with an empty or single-character DimList value...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the SWfinfo function of the HDF-EOS Grid File Handler componet. An attacker can cause a denial of service by supplying a specially crafted HDF-EOS swath file with an empty or single-character DimList value...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the GDnentries function. An attacker can execute arbitrary code or cause a denial of service by providing a specially crafted DataFieldName argument. Remediation Upgrade gdal to version 3.13.0 or higher...
CVE-2026-39825
ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...
CVE-2026-39836
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL 0...
DEBIAN-CVE-2026-39825
ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...
CVE-2026-39836
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL 0...
CVE-2026-8087
A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The...
UBUNTU-CVE-2026-39836
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL 0...
CVE-2026-39836 Panic in Dial and LookupPort when handling NUL byte on Windows in net
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL 0...
CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil
ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...
CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil
ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...
CVE-2026-39825
ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...
CVE-2026-39836
The CVE-2026-39836 entry describes a panic in Windows when using Dial and LookupPort in Go’s net package if the input contains a NUL (0) byte. Affected component: Go’s networking functions (Dial, LookupPort); root cause is handling of NUL input leading to a crash. Impact stated by CVSS is HIGH av...
CVE-2026-39836
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL 0...
CVE-2026-39825
ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...
CVE-2026-39836
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL 0...