Lucene search
+L

13758 matches found

CVE
CVE
added 2026/07/08 7:36 a.m.18 views

CVE-2026-57255

CVE-2026-57255 affects Foxit PDF Editor/Reader. A PDF with an abnormal color space contains attributes referencing a semantically malformed function; the function’s output isn’t validated, leading to an illegal pointer read that accesses an out-of-bounds region and crashes the application. The de...

6.1CVSS6AI score0.00107EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2026/07/08 7:35 a.m.17 views

CVE-2026-57258

CVE-2026-57258 affects Foxit PDF Editor/Reader. The issue lies in the PRC 3D stream header parsing logic, which trusts a constructed file structure description and reads an underlying array, leading to out-of-bounds reads and application crashes. This is a local-access vulnerability requiring use...

6.1CVSS6AI score0.00112EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2026/07/08 7:35 a.m.34 views

CVE-2026-57258 Foxit PDF Editor/Reader Crash via Malformed PRC 3D Stream

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS0.00112EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/07/08 5:30 a.m.6 views

CVE-2026-54234

A flaw was found in vLLM, a high-throughput and memory-efficient inference and serving engine for Large Language Models LLMs. A remote attacker can exploit this vulnerability by sending a specially crafted multi-request speculative decoding workload through public gRPC Generate and Abort endpoint...

7.5CVSS5.9AI score0.00343EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/07/08 12:0 a.m.6 views

CVE-2026-50812

A NULL pointer dereference in the SQLite Session Extension in SQLite 3.53.1 and SQLite trunk builds before check-in e807d4e3798efd53 allows an attacker who can supply a malformed changeset blob to cause a denial of service. The issue occurs when sqlite3changesetapplyv3 applies a corrupt changeset...

5.5CVSS6AI score0.00112EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.11 views

PT-2026-56354

Name of the Vulnerable Software and Affected Versions Foxit PDF Editor/Reader affected versions not specified Description The application crashes when opening a PDF containing an abnormal color space. This occurs because the attributes reference a valid but semantically malformed function whose...

6.1CVSS6.1AI score0.00107EPSS
Exploits0References5
CVE
CVE
added 2026/07/08 12:0 a.m.9 views

CVE-2026-50812

SQLite 3.53.1 and earlier trunk builds of the SQLite Session Extension are affected by a NULL pointer dereference in sqlite3changeset_apply_v3() when applying a malformed changeset, reaching sqlite3_value_type() with a NULL sqlite3_value pointer, leading to denial of service. The issue is tied to...

5.5CVSS6AI score0.00112EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 12:0 a.m.4 views

CVE-2026-50812

A NULL pointer dereference in the SQLite Session Extension in SQLite 3.53.1 and SQLite trunk builds before check-in e807d4e3798efd53 allows an attacker who can supply a malformed changeset blob to cause a denial of service. The issue occurs when sqlite3changesetapplyv3 applies a corrupt changeset...

5.5CVSS6.1AI score0.00112EPSS
Exploits0References5
OSV
OSV
added 2026/07/07 4:3 p.m.6 views

PYSEC-2026-1810 pyasn1 has a DoS vulnerability in decoder

Summary After reviewing pyasn1 v0.6.1 a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. Details The integer issue can be found in the decoder as reloid += subId 7 + nextSubId,:...

7.5CVSS5.7AI score0.00679EPSS
Exploits0References10
OSV
OSV
added 2026/07/06 4:16 p.m.6 views

ALPINE-CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.3CVSS6.1AI score0.00487EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 4:16 p.m.8 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS0.00487EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 2:32 p.m.21 views

CVE-2026-13122

Summary: CVE-2026-13122 affects OpenVPN up to v2.6.20 and v2.7.4 (including 2.7_alpha1–2.7.4). A malformed authentication token, when external-auth is enabled, can trigger a reachable assertion and cause a denial of service. Impact: Denial of service; vulnerability affects remote attacker exploit...

5.9CVSS6AI score0.00487EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 2:32 p.m.13 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS6AI score0.00487EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/06 2:32 p.m.6 views

EUVD-2026-41880

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS6AI score0.00487EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 2:32 p.m.38 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS0.00487EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/07/06 2:32 p.m.7 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS6AI score0.00487EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 2:23 p.m.3 views

OPENSUSE-SU-2026:21242-1 Security update for assimp

This update for assimp fixes the following issues - CVE-2025-11277: large mWidth and mHeight dimensions can lead to integer overflow and a heap-based buffer overflow bsc1251019. - CVE-2026-10197: NULL pointer dereference in ImportEmbeddedTextures when mimeType lacks '/' bsc1266996. -...

7.8CVSS6.5AI score0.00222EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/07/06 10:47 a.m.12 views

CVE-2026-14631

A flaw was found in webpack-dev-server. An unauthenticated remote attacker could send a specially crafted HTTP request with a malformed Host header or a WebSocket upgrade with a malformed Origin header. This malformed input causes an uncaught exception, leading to the termination of the Node.js...

5.3CVSS5.9AI score0.00308EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/06 8:46 a.m.6 views

CVE-2026-56361

A flaw was found in ImageMagick. An attacker can exploit an off-by-one error in the morphology validation by providing incorrect morphology parameters. This can lead to out-of-bounds heap buffer reads and heap buffer overflow, potentially causing memory access violations. Mitigation To reduce...

7.1CVSS6AI score0.00128EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 6:26 a.m.5 views

OESA-2026-2825 NetworkManager security update

NetworkManager attempts to keep an active network connection available at all times. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using DHCP, NetworkManager is intended to replace default routes, obtain IP addresses from a DHC...

6.7CVSS5.9AI score0.00118EPSS
Exploits0References2
Rows per page
Query Builder