72898 matches found
CVE-2026-32875
A flaw was found in UltraJSON, a fast JSON encoder and decoder. This vulnerability allows a remote attacker to cause a denial of service DoS by providing a specially crafted large positive or negative indent value to the JSON serialization functions. This can lead to a buffer overflow, causing th...
Improper Input Validation
code.gitea.io/gitea is vulnerable to improper input validation. The vulnerability is due to insufficient validation of attachment file names in the attachment API, which allows an attacker to bypass file extension restrictions by modifying the attachment name...
CVE-2026-33062
free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The EncodeGroupId function attempts to access array indices 0, 1, 2...
CVE-2026-33062 free5GC NRF Discovery EncodeGroupId Function Panics on Malformed group-id-list Parameter
free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The EncodeGroupId function attempts to access array indices 0, 1, 2...
CVE-2026-33062
free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The EncodeGroupId function attempts to access array indices 0, 1, 2...
CVE-2026-33062
CVE-2026-33062 concerns free5GC NRF prior to 1.4.2. The vulnerability stems from the EncodeGroupId function: it accesses array indices [0], [1], [2] without validating the length of the split data, causing a panic when group-id-list is malformed. This leads to a denial of service by crashing the ...
DEBIAN-CVE-2026-4451
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-4451
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-4451
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
nrf 访问控制错误漏洞
nrf is a network storage library module open-sourced by free5GC. Versions prior to nrf 1.4.2 contained an access control vulnerability, which stemmed from improper input validation in the EncodeGroupId function. This vulnerability could lead to denial of service attacks...
TP-Link AX53 安全漏洞
The TP-Link AX53 is a wireless router produced by TP-Link Corporation. The TP-Link AX53 v1 version has a security vulnerability. This vulnerability stems from insufficient input validation, which may lead to stack-based buffer overflows, potentially causing service crashes or remote code executio...
rust-libp2p 输入验证错误漏洞
rust-libp2p is a Rust implementation of the libp2p open-source network stack. Prior to version 0.49.3, rust-libp2p had a vulnerability related to input validation errors. This vulnerability stemmed from the Gossipsub implementation accepting PRUNE evolutions controlled by attackers and potentiall...
Tekton Pipelines 输入验证错误漏洞
Tekton Pipelines is a cloud-native pipeline developed by Tekton Open Source. Versions 0.60.0 to 1.0.0, 1.1.0 to 1.3.2, 1.4.0 to 1.6.0, 1.7.0 to 1.9.0, 1.10.0, and 1.10.1 of Tekton Pipelines contain an input validation vulnerability. This vulnerability arises from a parser name that is too long,...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. In versions prior to 146.0.7680.153, there was a vulnerability related to input validation. This vulnerability stemmed from integer overflow in the ANGLE component, which could allow remote attackers to exploit heap corruption through...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. In versions prior to 146.0.7680.153, there was a vulnerability related to input validation. This vulnerability stemmed from an integer overflow in the ANGLE component of the Windows system, which could allow remote attackers to exploit heap...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability. This vulnerability stemmed from insufficient validation of untrusted inputs during navigation, which could allow remote attackers to execute a sandbox esca...
CVE-2026-4451
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
free5GC 输入验证错误漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 1.2.2 contained a vulnerability related to input validation errors. This vulnerability stemmed from excessive slicing access within the CHF nchf-convergedcharging service, which could lea...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. In versions prior to 146.0.7680.153, there was a vulnerability related to input validation. This vulnerability stemmed from an integer overflow in the Dawn component of the browser’s Mac system, which could allow remote attackers to exploit...
File Browser 输入验证错误漏洞
File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser 2.61.2 and earlier contained a vulnerability related to input validation errors. This...