Lucene search
K

427 matches found

NVD
NVD
added 11 hours ago5 views

CVE-2026-61872

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the TIFF encoder when an invalid tiff:tile-geometry is specified. Supplying malformed tile geometry parameters causes allocated memory not to be released, which can lead to increased memory consumption...

2.5CVSS
Exploits0References2
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-44620

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the TIFF encoder when an invalid tiff:tile-geometry is specified. Supplying malformed tile geometry parameters causes allocated memory not to be released, which can lead to increased memory consumption...

2.5CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added 12 hours ago6 views

CVE-2026-61872 ImageMagick before 7.1.2-26 Memory Leak via TIFF Encoder

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the TIFF encoder when an invalid tiff:tile-geometry is specified. Supplying malformed tile geometry parameters causes allocated memory not to be released, which can lead to increased memory consumption...

2.5CVSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 12:31 a.m.7 views

EUVD-2026-41221

An improper input validation in the gazeborosdiffdrive.cpp component of gazeboplugins v3.9.0 allows attackers to cause a Denial of Service DoS via supplying a crafted geometrymsgs::Twist message...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 10:16 p.m.6 views

CVE-2026-38891

An improper input validation in the gazeborosdiffdrive.cpp component of gazeboplugins v3.9.0 allows attackers to cause a Denial of Service DoS via supplying a crafted geometrymsgs::Twist message...

7.5CVSS0.00343EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40543

Inappropriate implementation in Geometry in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00199EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 12:0 a.m.14 views

CVE-2026-38891

The CVE-2026-38891 issue affects gazebo_plugins v3.9.0, specifically the gazebo_ros_diff_drive.cpp component. An improper input validation flaw can be triggered by a crafted geometry_msgs::Twist message, enabling a Denial of Service (DoS). The available connected sources consistently describe the...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 12:0 a.m.5 views

CVE-2026-38891

An improper input validation in the gazeborosdiffdrive.cpp component of gazeboplugins v3.9.0 allows attackers to cause a Denial of Service DoS via supplying a crafted geometrymsgs::Twist message...

5.8AI score0.00343EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54759

Name of the Vulnerable Software and Affected Versions gazebo plugins version 3.9.0 Description Improper input validation in the gazebo ros diff drive.cpp component allows attackers to cause a Denial of Service DoS by supplying a crafted geometry msgs::Twist message. Recommendations At the moment,...

7.5CVSS6AI score0.00343EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-13857

Inappropriate implementation in Geometry in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00199EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 10:37 p.m.146 views

CVE-2026-13857

CVE-2026-13857 describes an insecure implementation in Chrome’s Geometry handling that permits a remote attacker to spoof UI via a crafted HTML page, requiring the user to perform specific UI gestures. The vulnerability affects Chrome versions prior to 150.0.7871.47 and can be triggered when a us...

4.2CVSS5.8AI score0.00199EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13857

Inappropriate implementation in Geometry in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00199EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.26 views

CVE-2026-13857

Inappropriate implementation in Geometry in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00199EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54134

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in Geometry allows a remote attacker to perform UI spoofing via a crafted HTML page, provided they can convince a user to perform specific UI gestures...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This out-of-bounds read vulnerability arises from the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions. It allows an attacker to read uninitialized or out-of-bounds memory. An attacker with access to the X1...

9.1CVSS6.7AI score0.00489EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 5:47 a.m.3 views

BIT-MONGODB-2026-9752 GeometryCollection with strict-winding polygon causes server crash during 2dsphere index key generation

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

7.1CVSS5.8AI score0.0027EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-9752

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygo...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.11 views

CVE-2026-9752

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 12:31 a.m.11 views

EUVD-2026-35851

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 11:17 p.m.15 views

CVE-2026-9752

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

7.1CVSS0.0027EPSS
Exploits0References1
Rows per page
Query Builder