Lucene search
+L

248 matches found

nessus
nessus
added 2 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-60082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row. When the statement handle had no fields but the source row was...

9.1CVSS6.1AI score0.00653EPSS
Exploits0References3
cve
cve
added 3 days ago10 views

CVE-2026-60082

The CVE-2026-60082 issue affects Perl DBI prior to 1.651, where the statement handle consistency with the row is not enforced. If the statement handle has no fields but the source row is non-empty, the internal row-buffer helper could read from a negative array index. This can be triggered when a...

9.1CVSS6.1AI score0.00653EPSS
Exploits0References4
cvelist
cvelist
added 3 days ago29 views

CVE-2026-60082 DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row

DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row. When the statement handle had no fields but the source row was non-empty, the internal row-buffer helper would read from a negative array index. This could be triggered by a caller supplying inconsistent...

0.00653EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/29 8:43 a.m.5 views

CVE-2026-57235

A flaw was found in Nokogiri, an XML and HTML library for Ruby. This vulnerability allows an attacker to trigger an out-of-bounds read by providing a specially crafted large negative index to certain methods. This can lead to a denial of service DoS by crashing the application on CRuby, or by...

8.2CVSS5.8AI score0.00331EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/25 6:13 p.m.4 views

CVE-2026-56788 RTKLIB 2.4.3 - Out-of-bounds Read via Negative Array Index in getcodepri

RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown observation types cause negative array indexing into the codepris table,...

4.8CVSS5.8AI score0.00119EPSS
Exploits1References2
osv
osv
added 2026/06/25 5:41 p.m.3 views

JLSEC-2026-625 A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds...

A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue...

4.3CVSS5.9AI score0.00319EPSS
Exploits0References4
nvd
nvd
added 2026/06/25 3:16 p.m.13 views

CVE-2026-57235

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet and its alias slice checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then...

8.2CVSS0.00331EPSS
Exploits0References1
cve
cve
added 2026/06/25 2:31 p.m.20 views

CVE-2026-57235

CVE-2026-57235 affects Nokogiri (Ruby) prior to 1.19.4. The bug is in Nokogiri::XML::NodeSet#[] (and #slice) where the index check used a 32‑bit truncated copy, allowing a large negative index to pass bounds checks and be used with full width. Result: on CRuby an out‑of‑bounds read that typically...

8.2CVSS5.9AI score0.00331EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/06/25 2:31 p.m.35 views

CVE-2026-57235 Nokogiri: Possible Out-of-Bounds Read in `Nokogiri::XML::NodeSet#[]`

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet and its alias slice checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then...

6.3CVSS0.00331EPSS
Exploits0References1
euvd
euvd
added 2026/06/25 2:31 p.m.6 views

EUVD-2026-39422

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet and its alias slice checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then...

6.3CVSS5.9AI score0.00331EPSS
Exploits0References1
alpinelinux
alpinelinux
added 2026/06/25 2:31 p.m.6 views

CVE-2026-57235

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet and its alias slice checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then...

8.2CVSS5.8AI score0.00331EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.10 views

PT-2026-52447

Name of the Vulnerable Software and Affected Versions Nokogiri versions prior to 1.19.4 Description Nokogiri is an open source XML and HTML library for the Ruby programming language. The Nokogiri::XML::NodeSet function and its alias slice performs a bounds check on the requested index using a...

8.2CVSS5.7AI score0.00331EPSS
Exploits0References3
nessus
nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.13.1 : rsync (EulerOS-SA-2026-2150)

According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a...

4.3CVSS5.6AI score0.00319EPSS
Exploits0References2
nessus
nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.13.0 : rsync (EulerOS-SA-2026-2189)

According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a...

4.3CVSS5.6AI score0.00319EPSS
Exploits0References2
osv
osv
added 2026/06/02 9:14 a.m.6 views

SUSE-SU-2026:22015-1 Security update for rsync

This update for rsync fixes the following issues - CVE-2025-10158: Out of bounds array access via negative index bsc1254441. - CVE-2026-29518: Symlink-Race TOCTOU in Daemon use chroot = no bsc1264511. - CVE-2026-41035: count of entries mismatch can lead to a use-after-free bsc1262223. -...

8.1CVSS5.5AI score0.0078EPSS
Exploits1References17
redhat
redhat
added 2026/05/26 9:24 a.m.9 views

rsync: Rsync: Out of bounds array access via negative index

An out of bounds read flaw has been discovered in rsync. A malicious client acting as the receiver of an rsync file transfer can trigger an OOB read via a negative array index. The rsync client requires at least read access to the remote rsync module to trigger the issue...

4.3CVSS5.7AI score0.00319EPSS
Exploits0References6
redhat
redhat
added 2026/05/26 5:39 a.m.11 views

rsync: Rsync: Out of bounds array access via negative index

An out of bounds read flaw has been discovered in rsync. A malicious client acting as the receiver of an rsync file transfer can trigger an OOB read via a negative array index. The rsync client requires at least read access to the remote rsync module to trigger the issue...

4.3CVSS5.7AI score0.00319EPSS
Exploits0References6
redhat
redhat
added 2026/05/26 5:6 a.m.12 views

rsync: Rsync: Out of bounds array access via negative index

An out of bounds read flaw has been discovered in rsync. A malicious client acting as the receiver of an rsync file transfer can trigger an OOB read via a negative array index. The rsync client requires at least read access to the remote rsync module to trigger the issue...

4.3CVSS5.7AI score0.00319EPSS
Exploits0References6
nessus
nessus
added 2026/05/26 12:0 a.m.15 views

RHEL 9 : rsync (RHSA-2026:20602)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20602 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because...

7.8CVSS5.9AI score0.00393EPSS
Exploits1References6
osv
osv
added 2026/05/22 3:14 p.m.8 views

CLSA-2026-1779462894 rsync: Fix of CVE-2026-43620

CVE-2026-43620: prevent client-side out-of-bounds read in receiver when a malicious server sends a crafted file-list with parentndx0...

6.9CVSS5.8AI score0.00503EPSS
Exploits0References1
Rows per page
Query Builder