Lucene search
K

1040 matches found

ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-5922

The IP phone might use malicious input stored in configuration parameters and render it as content for the WebUI’s webpage...

5.9CVSS5.9AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/29 5:1 a.m.5 views

perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob

A flaw was found in perl-IO-Compress, a component used for data compression and decompression. A remote attacker could exploit this vulnerability by crafting a malicious input, specifically an output glob, that bypasses the intended security measures. This could lead to the execution of...

7.3CVSS6.1AI score0.00292EPSS
Exploits3References6
OSV
OSV
added 2026/06/26 9:12 a.m.2 views

SUSE-SU-2026:22378-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues Security issues: - CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048. - CVE-2026-42326: Information disclosure via malicious IPTC input file bsc1268092. - CVE-2026-45031: Denial of Service due to resource policy bypass in PSD...

9.1CVSS6.5AI score0.01849EPSS
Exploits4References65
RedHat Linux
RedHat Linux
added 2026/06/22 6:15 a.m.9 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper input validation...

8.1CVSS5.8AI score0.00304EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

10CVSS7.8AI score0.02256EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.10 views

CVE-2026-8177

XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the end of the input string into adjacent heap memory...

7.5CVSS5.5AI score0.00531EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.6 views

CVE-2025-67448

The SMS module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to stored XSS. The application does not properly sanitize user input in SMS messages before storing and displaying them. An attacker can send an SMS containing a malicious XSS payload, which will be executed in the...

7.1CVSS5.8AI score0.00196EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/02 10:1 p.m.9 views

CVE-2026-42504

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

5.8AI score0.0056EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/06/01 10:16 p.m.12 views

CVE-2018-25432

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input file with a 672-byte offset to overwrite the nSEH and SEH pointers, enabling code execution through...

8.6CVSS0.00162EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:53 p.m.10 views

EUVD-2026-32554

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm Subscriber Data Management service. An unauthenticated attacker can inject control characters into the SUPI...

8.7CVSS5.8AI score0.00324EPSS
Exploits1References1
Snyk
Snyk
added 2026/05/22 5:42 p.m.9 views

Cross-site Scripting (XSS)

Overview golang.org/x/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the inBodyEndTagOther function, when rendering sanitized HTML. An attacker can cause the execution of scripts in the...

6.1CVSS5.7AI score0.00188EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/20 9:46 a.m.17 views

glib: GLib: Buffer underflow in GVariant parser leads to heap corruption

A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...

9.8CVSS6.2AI score0.00754EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in CGal

There is a code execution vulnerability in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. There is also an oob read vulnerability in NefS2/SNCioparser.h: SNCioparser::readsface and storesmboundaryitem. A specially crafted malformed file can lead to an out-of-bounds read and typ...

10CVSS8.8AI score0.02328EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...

10CVSS7.6AI score0.0229EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...

10CVSS7.6AI score0.02168EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...

10CVSS7.6AI score0.02136EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in CGal

There is a code execution vulnerability in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. There is also an oob read vulnerability in NefS2/SNCioparser.h, specifically in the function SNCioParser::readsloop and slh-twin. An attacker can provide malicious input to trigger this...

10CVSS8.5AI score0.02878EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

10CVSS7.7AI score0.0225EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

10CVSS8.9AI score0.02256EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/20 1:59 a.m.22 views

glib: GLib: Buffer underflow in GVariant parser leads to heap corruption

A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...

9.8CVSS6.2AI score0.00754EPSS
Exploits0References5
Rows per page
Query Builder