Lucene search
K

1296 matches found

Nuclei
Nuclei
added 15 hours ago49 views

Apache Tomcat - HTTP Request Smuggling

Apache Tomcat from versions 8.5.0 to 8.5.93, 9.0.0-M1 to 9.0.81, 10.1.0-M1 to 10.1.13, and 11.0.0-M1 to 11.0.0-M11 contain an improper input validation caused by incorrect parsing of HTTP trailer headers, letting attackers craft headers to cause request smuggling, exploit requires sending malicio...

5.3CVSS6.7AI score0.05848EPSS
Exploits2References3
CVE
CVE
added 2 days ago14 views

CVE-2026-55206

CVE-2026-55206 (py7zr) affects the Python-based 7z library py7zr. The root cause is an O(n^2) cumulative-sum implementation in PackInfo._read() (archiveinfo.py) that parses attacker-controlled numstreams from archive headers. This causes excessive CPU usage during SevenZipFile.init() before extra...

8.7CVSS5.9AI score0.00321EPSS
Exploits0References3
NVD
NVD
added 2 days ago10 views

CVE-2026-59874

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, tar.replace accepts a checksum-valid tar header with a negative base-256 encoded entry size, causing the archive scanner to make no progress while repeatedly parsing the same header. This issue is fixed in version 7.5.18...

8.7CVSS0.00291EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2 days ago5 views

gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser

A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sampl...

7.1CVSS6AI score0.00228EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2 days ago6 views

gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser

A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sampl...

7.1CVSS6AI score0.00228EPSS
Exploits0References4
NVD
NVD
added 2 days ago11 views

CVE-2026-57258

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57258 Foxit PDF Editor/Reader Crash via Malformed PRC 3D Stream

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS0.00112EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-42190

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS6AI score0.00112EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-57258

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS6AI score0.00112EPSS
Exploits0References2Affected Software2
CVE
CVE
added 3 days ago13 views

CVE-2026-58470

GNU Wget 1.25.0 and earlier is affected by an integer overflow in parse_content_range() (src/http.c) triggered by server-controlled Content-Range headers, leading to undefined behavior and download desynchronization. The issue is fixed in commit 43d3ba9, and users should upgrade to a version that...

6.9CVSS6.1AI score0.00247EPSS
Exploits0References2Affected Software1
OSV
OSV
added 4 days ago3 views

DEBIAN-CVE-2026-44362

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.20.0 and prior to version 4.11.0, a vulnerability in OP-TEE’s subkey rollback protection allows the use of revoked ...

5.5CVSS6AI score0.00122EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-44362

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.20.0 and prior to version 4.11.0, a vulnerability in OP-TEE’s subkey rollback protection allows the use of revoked ...

5.5CVSS6AI score0.00122EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/30 8:17 a.m.8 views

CVE-2026-53537

A flaw was found in Python-Multipart. This vulnerability allows a remote attacker to bypass security controls by exploiting a difference in how Content-Disposition and Content-Type headers are parsed. Specifically, the parseoptionsheader function incorrectly applies RFC 2231/5987 decoding, which ...

5.3CVSS5.8AI score0.00177EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/06/29 8:6 a.m.3 views

Nmap - Integer Underflow in IPv6 Extension Header Parsing

...

6.9CVSS5.9AI score0.00278EPSS
Exploits0
CVE
CVE
added 2026/06/28 1:32 a.m.24 views

CVE-2026-58058

CVE-2026-58058 : Nmap up to 7.99 is affected by an integer underflow in IPv6 extension-header parsing (ipv6_get_data_primitive in libnetutil/netutil.cc). A crafted or truncated IPv6 extension header returned by a scanned target or on-path attacker can cause the remaining-length to underflow to a ...

6.9CVSS5.9AI score0.00278EPSS
Exploits0References4Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in glib2.0

A flaw was discovered in Glib’s content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored as a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access...

2.8CVSS5.9AI score0.00139EPSS
Exploits1References3
OSV
OSV
added 2026/06/24 1:11 p.m.6 views

OESA-2026-2718 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing...

5.3CVSS5.9AI score0.00321EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.19 views

CVE-2026-56306 Capgo - Subkey Enforcement Bypass via x-limited-key-id Header Parsing

Capgo before 12.128.2 contains a weak parsing vulnerability in the x-limited-key-id header that allows attackers to bypass subkey enforcement by submitting malformed values, zero, or duplicate headers that result in NaN or falsy values. Remote attackers can manipulate the x-limited-key-id header ...

6.4CVSS0.00251EPSS
Exploits0References2
OSV
OSV
added 2026/06/20 6:57 a.m.2 views

SUSE-SU-2026:22209-1 Security update for apache2

This update for apache2 fixes the following issues - CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. - CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. - CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163. -...

9.8CVSS7.2AI score0.49727EPSS
Exploits18References23
Github Security Blog
Github Security Blog
added 2026/06/19 9:16 p.m.7 views

py7zr: O(n^2) algorithmic complexity DoS in PackInfo._read()

Summary PackInfo.read uses an On^2 cumulative sum pattern where numstreams is read directly from the archive header. A crafted .7z archive with a large numstreams value causes excessive CPU consumption during SevenZipFile.init — no extraction is needed. A 50 KB archive takes 7 seconds of CPU time...

8.7CVSS5.8AI score0.00321EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder