Lucene search
+L

1919 matches found

OSV
OSV
added 3 days ago3 views

CVE-2026-48784 Symfony: UrlGenerator Dot-Segment Encoding Skips Every Other Chained `../` or `./` → Generated URL Collapses Off-Route Under RFC 3986 Normalization

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.53, 6.4.41, 7.4.13, and 8.0.13, UrlGenerator::doGenerate used strtr dot-segment encoding that skipped every other chained ../ or ./ segment, allowing attacker-controlled route parameters...

5.1CVSS6.1AI score0.00267EPSS
Exploits0References7
CVE
CVE
added 3 days ago31 views

CVE-2026-48784

CVE-2026-48784 is a Symfony UrlGenerator issue in UrlGenerator::doGenerate() where strtr dot-segment encoding skipped every other chained ../ or ./ segments. This allowed attacker-controlled route parameters to generate URLs that collapse to a different path under RFC 3986 normalization. The vuln...

6.1CVSS6.1AI score0.00267EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/07/10 12:5 p.m.1 views

RLSA-2026:36749 Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tilelistobu parser byte/bit...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/07/10 12:3 p.m.7 views

gstreamer1-plugins-bad-free security update

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...

8.8CVSS6.2AI score0.0053EPSS
Exploits0
OSV
OSV
added 2026/07/08 5:17 p.m.3 views

DEBIAN-CVE-2026-29007

U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcprxstatemachine net/tcp.c when CONFIGPROTTCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious packet with a mismatched IP total length and TCP data offset field. Attacke...

6.9CVSS6.1AI score0.00472EPSS
Exploits0References1
NVD
NVD
added 2026/07/08 5:17 p.m.8 views

CVE-2026-29007

U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcprxstatemachine net/tcp.c when CONFIGPROTTCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious packet with a mismatched IP total length and TCP data offset field. Attacke...

6.9CVSS0.00472EPSS
Exploits0References4
OSV
OSV
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1259 CodeChecker open redirect when URL contains multiple slashes after the product name

Summary --- CodeChecker versions up to 6.24.5 contain an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL's path segment. This results in bypassing protections against CVE-2021-28861, leading to the same open redirect pathway. Detai...

6.1CVSS5.9AI score0.00246EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-1010 Missing validation causes denial of service via `Conv3DBackpropFilterV2`

Impact The implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.strings.unsortedsegmentjoin inputs='123', segmentids=0, numsegments=-1...

5.5CVSS6.2AI score0.00346EPSS
Exploits1References13
OSV
OSV
added 2026/07/03 11:25 a.m.8 views

SUSE-SU-2026:2744-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issue - CVE-2026-52719: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder bsc1268401...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:7 p.m.11 views

CVE-2026-8247

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker on the same local network segment to execute arbitrary code. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025.1 up to and...

7.7CVSS6AI score0.00201EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.7 views

next.js: Next.js: Unauthorized access to protected content via middleware bypass

A flaw was found in Next.js. App Router applications that use middleware or proxy-based authorization checks are vulnerable to unauthorized access. A remote attacker can exploit this by crafting specific .rsc and segment-prefetch URLs, which bypass the intended middleware rules. This allows acces...

7.5CVSS5.9AI score0.01523EPSS
Exploits0References5
NVD
NVD
added 2026/06/30 9:16 p.m.8 views

CVE-2026-13207

FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access protected endpoints by...

8.7CVSS0.00352EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 8:24 p.m.23 views

CVE-2026-13207

The CVE refers to FUXA prior to 1.3.2 with an authentication bypass in the REST API caused by improper normalization of dot-segments in the router. Prefixing paths with dot-segments (e.g., /api/./users, /api/./roles, /api/project/../users) can bypass authentication and expose protected data such ...

8.7CVSS5.8AI score0.00352EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 8:24 p.m.35 views

CVE-2026-13207 Frangoteam FUXA SCADA/HMI Authentication Bypass by Spoofing

FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access protected endpoints by...

8.7CVSS0.00352EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 8:24 p.m.4 views

CVE-2026-13207 Frangoteam FUXA SCADA/HMI Authentication Bypass by Spoofing

FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access protected endpoints by...

8.7CVSS5.9AI score0.00352EPSS
Exploits0References5
NVD
NVD
added 2026/06/30 5:16 p.m.10 views

CVE-2026-9263

The Zephyr Bluetooth controller ISO Adaptation Layer subsys/bluetooth/controller/llsw/isoal.c fails to validate the length field of a framed ISO PDU start segment. Per the Bluetooth specification a start segment sc=0 always carries a 3-byte timeoffset, so its segment-header len must be at least...

8.1CVSS0.00201EPSS
Exploits1References2
CVE
CVE
added 2026/06/30 4:1 p.m.20 views

CVE-2026-9263

The CVE-2026-9263 issue affects Zephyr’s ISO Adaptation Layer (ISOAL) in the Bluetooth controller. The root cause is that framed ISO PDU start segments (sc=0) with len len - 3 to underflow when len is 0–2. This produced an oversized length (up to 253–255) that was passed to isoal_rx_append_to_sdu...

8.1CVSS6AI score0.00201EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/30 4:1 p.m.7 views

CVE-2026-9263 Out-of-bounds read in Bluetooth Controller ISOAL framed RX reassembly leaks adjacent memory into host HCI ISO packets

The Zephyr Bluetooth controller ISO Adaptation Layer subsys/bluetooth/controller/llsw/isoal.c fails to validate the length field of a framed ISO PDU start segment. Per the Bluetooth specification a start segment sc=0 always carries a 3-byte timeoffset, so its segment-header len must be at least...

6.5CVSS6AI score0.00201EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.25 views

PT-2026-53986

Name of the Vulnerable Software and Affected Versions FUXA versions prior to 1.3.2 Description An authentication bypass exists in the REST API due to improper dot-segment path normalization. The API router does not normalize dot-segment sequences before the authentication middleware is applied...

8.7CVSS5.8AI score0.00352EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/28 11:0 p.m.42 views

CVE-2026-13513 MyScale MyScaleDB SegmentId.h getCacheKey data authenticity

A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0. This vulnerability affects the function SegmentId::getCacheKey in the library src/VectorIndex/Common/SegmentId.h. The manipulation results in insufficient verification of data authenticity. It is possible to launch the attack...

5CVSS0.00133EPSS
Exploits0References7
Rows per page
Query Builder