Lucene search
+L

2609 matches found

SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-43663

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS5.2AI score0.00194EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-43742

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory management, resulting in an unexpected process crash...

6.5CVSS6AI score0.0025EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-43727

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory management, resulting in an unexpected process crash...

6.5CVSS6AI score0.00196EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago8 views

CVE-2026-43726

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory management, resulting in an unexpected process crash...

6.5CVSS6AI score0.00189EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-43712

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger an out-of-bounds write due to improper memory handling, resulting in an unexpected process crash...

6.5CVSS6AI score0.00202EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago5 views

CVE-2026-43720

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory management, resulting in an unexpected process crash...

6.5CVSS6AI score0.00289EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-43716

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory handling, resulting in an unexpected process crash...

6.5CVSS6AI score0.00297EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-43707

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger memory corruption due to improper memory handling, resulting in an unexpected process crash...

6.5CVSS6AI score0.00307EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago5 views

CVE-2026-43676

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger an out-of-bounds read due to improper bounds checking, resulting in an unexpected process crash...

6.5CVSS6AI score0.00257EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago5 views

CVE-2026-43699

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory management, resulting in an unexpected process crash...

6.5CVSS6AI score0.0024EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago8 views

CVE-2026-43663

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory handling, resulting in an unexpected process crash...

6.5CVSS6AI score0.00194EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-39872

A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory handling, resulting in an unexpected process crash...

6.5CVSS6AI score0.00194EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/09 2:15 p.m.33 views

CVE-2026-54798

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt th...

7.1CVSS0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/09 1:26 p.m.7 views

EUVD-2026-42588

Vinchin Backup & Recovery through 9.0.0.86562 contains a stack buffer overflow vulnerability in the ModuleHandShake function of the agentlinkserver service that allows unauthenticated remote attackers to overwrite the saved return address by supplying an oversized listenuuid field that is measure...

6.9CVSS6.2AI score0.00463EPSS
Exploits0References3
CVE
CVE
added 2026/07/08 10:11 p.m.15 views

CVE-2026-54778

CVE-2026-54778 : CoreWCF UnixDomainSocket suffers a race in POSIX peer identity resolution due to non-reentrant getpwuid/getgrgid calls, allowing identity misattribution or host process crash under contention. Affected versions are prior to 1.8.1 and 1.9.1; fixed in 1.8.1 and 1.9.1. Impact is lim...

6.2CVSS6AI score0.001EPSS
Exploits0References6
NVD
NVD
added 2026/07/08 5:17 p.m.11 views

CVE-2026-59892

OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes incoming uber-trace-id and uberctx- HTTP header values with decodeURIComponent without handling decode errors, allowing an unauthenticated remote attacker to send a malformed...

7.5CVSS0.00436EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/08 3:20 p.m.30 views

CVE-2026-59875 node-tar: Uncaught Exception DoS via NUL byte in PAX path/linkpath records

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.17, node-tar does not strip NUL bytes from PAX path and linkpath records in src/pax.ts, allowing a crafted archive with values to reach fs.lstat or fs.open and terminate the process with an uncaught exception. This issue is...

5.3CVSS0.00291EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/07/06 9:10 p.m.8 views

Coder vulnerable to denial of service via unbounded request body in AI Bridge provider endpoints

Summary AI Bridge provider handlers read request bodies with io.ReadAll without a maximum size so an authenticated user with AI Bridge access could send an arbitrarily large body and exhaust memory. Note: Exploitation requires authenticated access to the AI Bridge endpoints and the impact is...

6.5CVSS6AI score0.00552EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/07/03 5:23 p.m.4 views

CVE-2026-14631 webpack-dev-server vulnerable to denial of service via a malformed Host or Origin header

webpack-dev-server versions 5.2.5 and earlier terminate the whole Node.js process when an unauthenticated peer sends either a normal HTTP request with a malformed Host header or a WebSocket upgrade to the default /ws endpoint with a malformed Origin header. The malformed value causes an uncaught...

5.3CVSS6.1AI score0.00308EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 8:17 p.m.13 views

CVE-2026-43742

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS0.0025EPSS
Exploits0References3
Rows per page
Query Builder