Lucene search
K

7 matches found

OSV
OSV
added 2026/05/24 12:15 a.m.7 views

CLSA-2026-1779581754 tigervnc: Fix of CVE-2026-34000

CVE-2026-34000: widen bounds check in CheckSetGeom to cover both key alias names 2 XkbKeyNameLength and prevent out-of-bounds read of uninitialized memory in XkbAddGeomKeyAlias...

9.1CVSS5.8AI score0.00489EPSS
Exploits0References1
OSV
OSV
added 2026/05/23 12:50 a.m.7 views

CLSA-2026-1779497454 tigervnc: Fix of CVE-2026-34000

CVE-2026-34000: widen bounds check in CheckSetGeom to cover both key alias names 2 XkbKeyNameLength and prevent out-of-bounds read of uninitialized memory in XkbAddGeomKeyAlias bundled xorg-server...

9.1CVSS5.8AI score0.00489EPSS
Exploits0References1
NVD
NVD
added 2026/05/05 4:16 p.m.20 views

CVE-2026-34000

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

9.1CVSS0.00489EPSS
Exploits0References27
OSV
OSV
added 2024/08/07 3:15 p.m.1 views

DEBIAN-CVE-2024-42005

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values and valueslist methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed arg...

7.3CVSS7.2AI score0.01227EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/07/29 6:6 a.m.7 views

cxf: OpenId Connect token service does not properly validate the clientId

Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore JKS/PKCS12 by specifing the...

7.5CVSS7.3AI score0.0606EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/11 8:17 p.m.2 views

cxf: OpenId Connect token service does not properly validate the clientId

Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore JKS/PKCS12 by specifing the...

7.5CVSS7.3AI score0.0606EPSS
Exploits0References4
OSV
OSV
added 2018/08/25 12:0 a.m.4 views

UBUNTU-CVE-2018-15858

Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash NULL pointer dereference the xkbcommon parser by supplying a crafted keymap file...

5.5CVSS6.7AI score0.00431EPSS
Exploits0References5
Rows per page
Query Builder