Lucene search
K

30 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-58014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty...

8.6CVSS6AI score0.00293EPSS
Exploits1References4
NVD
NVD
added 2026/06/30 1:19 p.m.9 views

CVE-2026-58014

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

8.6CVSS0.00293EPSS
Exploits1References3
OSV
OSV
added 2026/06/30 1:19 p.m.4 views

UBUNTU-CVE-2026-58014

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

8.6CVSS5.7AI score0.00293EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/30 12:57 p.m.7 views

EUVD-2026-40316

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

7.3CVSS5.8AI score0.00293EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 12:57 p.m.5 views

CVE-2026-58014

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

7.3CVSS5.8AI score0.00293EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/30 12:57 p.m.45 views

CVE-2026-58014 Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"

A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...

7.3CVSS0.00293EPSS
Exploits1References3
CVE
CVE
added 2026/06/30 12:57 p.m.17 views

CVE-2026-58014

GLib contains an off-by-one flaw in g_key_file_get_locale_string_list (gkeyfile.c) that triggers when loading a key file with an empty value. The issue allows an out-of-bounds access of one byte and can cause denial of service if the access crosses a page boundary. Affected component is GLib’s ke...

8.6CVSS5.8AI score0.00293EPSS
Exploits1References3Affected Software2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-53873

Name of the Vulnerable Software and Affected Versions glib2 affected versions not specified mingw-glib2 affected versions not specified Description An off-by-one error exists in the g key file get locale string list function within the gkeyfile.c file. This issue occurs when the software loads a...

8.6CVSS6AI score0.00293EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2025/11/20 12:56 a.m.4 views

SUSE CVE-2022-24785

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This...

7.5CVSS8.8AI score0.05664EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1677

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.05664EPSS
Exploits0References35
Vulnrichment
Vulnrichment
added 2025/08/26 5:20 p.m.3 views

CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...

7.5CVSS7.5AI score0.04065EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2025/08/26 3:29 p.m.10 views

ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution

Summary A format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code...

8.8CVSS8AI score0.04065EPSS
Exploits1References6Affected Software18
OSV
OSV
added 2025/08/26 3:29 p.m.2 views

GHSA-9CCG-6PJW-X645 ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution

Summary A format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code...

7.5CVSS8.8AI score0.04065EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.5 views

SUSE CVE-2007-4784

The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service application crash via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be...

5CVSS7.5AI score0.02545EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.3 views

SUSE CVE-2016-7415

Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode ICU through 57.1 for C/C++ allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a long locale string...

9.8CVSS9.8AI score0.05798EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2022/10/05 10:44 a.m.3 views

Moment.js: Path traversal in moment.locale

A path traversal vulnerability was found in Moment.js that impacts npm server users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity...

7.5CVSS6.8AI score0.05664EPSS
Exploits0References5
OSV
OSV
added 2022/04/04 5:15 p.m.1 views

DEBIAN-CVE-2022-24785

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This...

7.5CVSS6.8AI score0.05664EPSS
Exploits0References1
NVD
NVD
added 2022/04/04 5:15 p.m.23 views

CVE-2022-24785

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This...

7.5CVSS0.05664EPSS
Exploits0References8
Prion
Prion
added 2022/04/04 5:15 p.m.33 views

Path traversal

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This...

5CVSS7.6AI score0.05664EPSS
Exploits0References7Affected Software4
Cvelist
Cvelist
added 2022/04/04 12:0 a.m.89 views

CVE-2022-24785 Path Traversal in Moment.js

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This...

7.5CVSS7.7AI score0.05664EPSS
Exploits0References7
Rows per page
Query Builder