Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/21 3:58 p.m.32 views

CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

4.9CVSS0.00105EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 7:16 p.m.12 views

CVE-2026-4944

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

8.8CVSS0.00747EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/09/12 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2022-0323)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.05664EPSS
Exploits2References8
OSV
OSV
added 2014/10/25 9:55 p.m.3 views

DEBIAN-CVE-2014-1927

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

7.5CVSS8.1AI score0.03388EPSS
Exploits2References1
Rows per page
Query Builder