Lucene search
+L

28 matches found

nessus
nessus
added 2026/07/01 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated...

7.5CVSS6AI score0.00215EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/30 2:28 p.m.8 views

CVE-2026-53432

A flaw was found in fzf. An integer overflow vulnerability exists in the FuzzyMatchV2 function when processing exceptionally long input lines and patterns. This can lead to the application terminating unexpectedly with a non-recoverable panic, resulting in a Denial of Service DoS. A local user...

7.5CVSS5.8AI score0.00243EPSS
Exploits0References6
osv
osv
added 2026/06/30 1:19 p.m.5 views

DEBIAN-CVE-2026-53432

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

7.5CVSS5.8AI score0.00243EPSS
Exploits0References1
osv
osv
added 2026/06/30 1:19 p.m.3 views

DEBIAN-CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS5.8AI score0.00215EPSS
Exploits0References1
osv
osv
added 2026/06/30 1:19 p.m.6 views

UBUNTU-CVE-2026-53432

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

7.5CVSS5.8AI score0.00243EPSS
Exploits0References5
osv
osv
added 2026/06/30 1:19 p.m.15 views

UBUNTU-CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS5.7AI score0.00243EPSS
Exploits0References5
cvelist
cvelist
added 2026/06/30 12:1 p.m.34 views

CVE-2026-53433 Denial of Service in fzf

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

5.7CVSS0.00215EPSS
Exploits0References3
cve
cve
added 2026/06/30 12:1 p.m.13 views

CVE-2026-53433

In fzf, CVE-2026-53433, the DoS arises from inefficient HTTP body processing in the --listen mode due to repeated string concatenation, giving quadratic time (O(n²)) for a crafted POST request with many small segments. This can cause a single malicious request to monopolize the single-threaded HT...

7.5CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
debiancve
debiancve
added 2026/06/30 12:1 p.m.7 views

CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS5.8AI score0.00215EPSS
Exploits0
osv
osv
added 2026/06/30 12:1 p.m.4 views

CVE-2026-53433 Denial of Service in fzf

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

5.7CVSS5.9AI score0.00243EPSS
Exploits0References5
cvelist
cvelist
added 2026/06/30 12:1 p.m.33 views

CVE-2026-53432 Integer Overflow in fzf

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

5.6CVSS0.00243EPSS
Exploits0References3
osv
osv
added 2026/06/30 12:1 p.m.4 views

CVE-2026-53432 Integer Overflow in fzf

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

5.6CVSS5.9AI score0.00243EPSS
Exploits0References5
debiancve
debiancve
added 2026/06/30 12:1 p.m.6 views

CVE-2026-53432

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

7.5CVSS5.8AI score0.00243EPSS
Exploits0
cve
cve
added 2026/06/30 12:1 p.m.20 views

CVE-2026-53432

CVE-2026-53432 (fzf) affects the fzf project, specifically the FuzzyMatchV2 function. Affected scenario involves processing extremely long input lines (≈2,200,000 bytes) with a pattern length of 999 bytes, which causes an integer overflow and triggers a non-recoverable panic, terminating the proc...

7.5CVSS5.8AI score0.00243EPSS
Exploits0References3Affected Software1
rapid7blog
rapid7blog
added 2024/10/04 7:53 p.m.37 views

Metasploit Weekly Wrap-Up 10/04/2024

New module content 3 cups-browsed Information Disclosure Authors: bcoles and evilsocket Type: Auxiliary Pull request: 19510 contributed by bcoles Path: scanner/misc/cupsbrowsedinfodisclosure Description: Adds scanner module to retrieve CUPS version and kernel version information from cups-browsed...

9.8CVSS10AI score0.75384EPSS
Exploits10
kitploit
kitploit
added 2023/10/27 8:2 p.m.53 views

Arsenal - Just A Quick Inventory And Launcher For Hacking Programs

Arsenal is just a quick inventory, reminder and launcher for pentest commands. This project written by pentesters for pentesters simplify the use of all the hard-to-remember commands In arsenal you can search for a command, select one and it's prefilled directly in your terminal. This functionali...

7.5AI score
Exploits0References4
openvas
openvas
added 2022/08/18 12:0 a.m.32 views

Fedora: Security Advisory for fzf (FEDORA-2022-30c5ed5625)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.0995EPSS
Exploits7References2
fedora
fedora
added 2022/08/17 1:36 a.m.64 views

[SECURITY] Fedora 35 Update: fzf-0.29.0-2.fc35

fzf is a general-purpose command-line fuzzy finder. It's an interactive Unix filter for command-line that can be used with any list; files, command history, processes, hostnames, bookmarks, git commits, etc...

9.3CVSS8.2AI score0.44095EPSS
Exploits9
openvas
openvas
added 2022/07/31 12:0 a.m.7 views

Fedora: Security Advisory for golang-github-msprev-fzf-bibtex (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
openvas
openvas
added 2022/07/31 12:0 a.m.5 views

Fedora: Security Advisory for fzf (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Rows per page
Query Builder