Lucene search
K

12 matches found

Cvelist
Cvelist
added yesterday23 views

CVE-2026-15643 AWS HealthLake MCP Server SSRF via Pagination URL

AWS HealthLake MCP Server awslabs.healthlake-mcp-server is a Model Context Protocol server that enables AI assistants to interact with AWS HealthLake FHIR datastores. A server-side request forgery in the pagination handling component in AWS awslabs.healthlake-mcp-server before 0.0.14 on all...

9.2CVSS
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-15643

CVE-2026-15643 concerns AWS HealthLake MCP Server (awslabs.healthlake-mcp-server) prior to 0.0.14. A server-side request forgery in the pagination handling component can be exploited by a remote authenticated user to exfiltrate AWS temporary security credentials to an attacker-controlled endpoint...

9.2CVSS6.2AI score
Exploits0References2
EUVD
EUVD
added 2025/10/15 1:23 a.m.8 views

EUVD-2017-18920

Valve's Source SDK source-sdk-2013's ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function nexttoken copies characters from an input string into a fixed-size stack buffer without performing bounds checks. When ParseKeyValue processes a collisionpa...

9.2CVSS8AI score0.00646EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/06/04 12:0 a.m.6 views

Clustering and Median Aggregation Improve Differentially Private Inference

Differentially private DP language model inference is an approach for generating private synthetic text. A sensitive input example is used to prompt an off-the-shelf large language model LLM to produce a similar example. Multiple examples can be aggregated together to formally satisfy the DP...

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/12/01 12:0 a.m.7 views

The vulnerability of the next_token function in the awk.c file of the UNIX utility command-line tool BusyBox, which allows a hacker to cause a service failure

The vulnerability of the nexttoken function in the BusyBox command-line utility library of UNIX systems is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a system failure...

5.5CVSS6.4AI score0.00412EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/11/27 11:15 p.m.9 views

AZL-34577 CVE-2023-42366 affecting package busybox for versions less than 1.36.1-9

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

5.5CVSS5.7AI score0.00412EPSS
Exploits1References1
OSV
OSV
added 2023/11/27 11:15 p.m.11 views

AZL-33492 CVE-2023-42366 affecting package busybox for versions less than 1.35.0-12

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

5.5CVSS5.7AI score0.00412EPSS
Exploits1References1
OSV
OSV
added 2023/11/27 11:15 p.m.5 views

UBUNTU-CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

5.5CVSS5.8AI score0.00412EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/11/27 12:0 a.m.3 views

PT-2023-7297 · Busybox +1 · Busybox +1

Name of the Vulnerable Software and Affected Versions: BusyBox version 1.36.1 Description: A heap-buffer-overflow issue was discovered in the next token function at awk.c:1159. This issue is related to writing beyond the buffer boundaries. Exploitation of this issue may allow an attacker to cause...

5.5CVSS6.9AI score0.00412EPSS
Exploits1References18
AlpineLinux
AlpineLinux
added 2023/11/27 12:0 a.m.127 views

CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

5.5CVSS5.4AI score0.00412EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.4 views

SUSE CVE-2017-14682

GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928...

8.8CVSS9.6AI score0.02289EPSS
Exploits1References6
OSV
OSV
added 2017/09/21 11:29 p.m.2 views

DEBIAN-CVE-2017-14682

GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928...

8.8CVSS7.9AI score0.02289EPSS
Exploits1References1
Rows per page
Query Builder