Lucene search
K

72898 matches found

RedhatCVE
RedhatCVE
added 2026/03/20 7:0 a.m.4 views

CVE-2026-32875

A flaw was found in UltraJSON, a fast JSON encoder and decoder. This vulnerability allows a remote attacker to cause a denial of service DoS by providing a specially crafted large positive or negative indent value to the JSON serialization functions. This can lead to a buffer overflow, causing th...

7.5CVSS6.1AI score0.00469EPSS
Exploits1References6
Veracode
Veracode
added 2026/03/20 5:39 a.m.6 views

Improper Input Validation

code.gitea.io/gitea is vulnerable to improper input validation. The vulnerability is due to insufficient validation of attachment file names in the attachment API, which allows an attacker to bypass file extension restrictions by modifying the attachment name...

8.2CVSS7.2AI score0.00295EPSS
Exploits0References5Affected Software3
NVD
NVD
added 2026/03/20 3:16 a.m.11 views

CVE-2026-33062

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The EncodeGroupId function attempts to access array indices 0, 1, 2...

8.7CVSS0.00674EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/20 2:46 a.m.3 views

CVE-2026-33062 free5GC NRF Discovery EncodeGroupId Function Panics on Malformed group-id-list Parameter

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The EncodeGroupId function attempts to access array indices 0, 1, 2...

8.7CVSS5.9AI score0.00674EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/20 2:46 a.m.4 views

CVE-2026-33062

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The EncodeGroupId function attempts to access array indices 0, 1, 2...

8.7CVSS6AI score0.00674EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/03/20 2:46 a.m.12 views

CVE-2026-33062

CVE-2026-33062 concerns free5GC NRF prior to 1.4.2. The vulnerability stems from the EncodeGroupId function: it accesses array indices [0], [1], [2] without validating the length of the split data, causing a panic when group-id-list is malformed. This leads to a denial of service by crashing the ...

8.7CVSS6AI score0.00674EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/20 2:16 a.m.3 views

DEBIAN-CVE-2026-4451

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.3AI score0.00253EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/20 1:34 a.m.2 views

CVE-2026-4451

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00253EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/20 1:34 a.m.3 views

CVE-2026-4451

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.3AI score0.00253EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.14 views

nrf 访问控制错误漏洞

nrf is a network storage library module open-sourced by free5GC. Versions prior to nrf 1.4.2 contained an access control vulnerability, which stemmed from improper input validation in the EncodeGroupId function. This vulnerability could lead to denial of service attacks...

8.7CVSS6.4AI score0.00674EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.7 views

TP-Link AX53 安全漏洞

The TP-Link AX53 is a wireless router produced by TP-Link Corporation. The TP-Link AX53 v1 version has a security vulnerability. This vulnerability stems from insufficient input validation, which may lead to stack-based buffer overflows, potentially causing service crashes or remote code executio...

9.8CVSS6.4AI score0.00528EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

rust-libp2p 输入验证错误漏洞

rust-libp2p is a Rust implementation of the libp2p open-source network stack. Prior to version 0.49.3, rust-libp2p had a vulnerability related to input validation errors. This vulnerability stemmed from the Gossipsub implementation accepting PRUNE evolutions controlled by attackers and potentiall...

8.7CVSS5.8AI score0.00473EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.13 views

Tekton Pipelines 输入验证错误漏洞

Tekton Pipelines is a cloud-native pipeline developed by Tekton Open Source. Versions 0.60.0 to 1.0.0, 1.1.0 to 1.3.2, 1.4.0 to 1.6.0, 1.7.0 to 1.9.0, 1.10.0, and 1.10.1 of Tekton Pipelines contain an input validation vulnerability. This vulnerability arises from a parser name that is too long,...

6.5CVSS6.4AI score0.00368EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 146.0.7680.153, there was a vulnerability related to input validation. This vulnerability stemmed from integer overflow in the ANGLE component, which could allow remote attackers to exploit heap corruption through...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 146.0.7680.153, there was a vulnerability related to input validation. This vulnerability stemmed from an integer overflow in the ANGLE component of the Windows system, which could allow remote attackers to exploit heap...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.6 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability. This vulnerability stemmed from insufficient validation of untrusted inputs during navigation, which could allow remote attackers to execute a sandbox esca...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/03/20 12:0 a.m.3 views

CVE-2026-4451

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.4 views

free5GC 输入验证错误漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 1.2.2 contained a vulnerability related to input validation errors. This vulnerability stemmed from excessive slicing access within the CHF nchf-convergedcharging service, which could lea...

7.1CVSS6.4AI score0.00404EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.9 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 146.0.7680.153, there was a vulnerability related to input validation. This vulnerability stemmed from an integer overflow in the Dawn component of the browser’s Mac system, which could allow remote attackers to exploit...

4.3CVSS5.9AI score0.00176EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.5 views

File Browser 输入验证错误漏洞

File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser 2.61.2 and earlier contained a vulnerability related to input validation errors. This...

8.1CVSS6.4AI score0.01903EPSS
Exploits1References2
Rows per page
Query Builder