Lucene search
K

2298 matches found

NVD
NVD
added 2 days ago4 views

CVE-2026-45133

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, when the parser is exposed to attacker-controlled input, deeply nested mappings or sequences cause both the block-level Parser::parseBlock and inline...

8.2CVSS0.00602EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-45133 Symfony: [Yaml] Harden the parser when handling untrusted input

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, when the parser is exposed to attacker-controlled input, deeply nested mappings or sequences cause both the block-level Parser::parseBlock and inline...

8.2CVSS0.00602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 4 days ago3 views

p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS6AI score0.00137EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago2 views

p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS6AI score0.00137EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 6:26 a.m.4 views

OESA-2026-2805 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.1CVSS6.1AI score0.00165EPSS
Exploits2References4
OSV
OSV
added 2026/07/06 6:25 a.m.5 views

OESA-2026-2804 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.1CVSS6.1AI score0.00165EPSS
Exploits2References4
OSV
OSV
added 2026/07/06 6:25 a.m.4 views

OESA-2026-2803 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.1CVSS6.1AI score0.00165EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2026/07/01 3:35 a.m.7 views

SUSE CVE-2026-13757

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS5.8AI score0.00137EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-13757

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a...

6.2CVSS6AI score0.00137EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 7:16 p.m.10 views

CVE-2026-13757

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS0.00137EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/29 6:44 p.m.8 views

CVE-2026-13757

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS6AI score0.00137EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/29 6:44 p.m.7 views

CVE-2026-13757 P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS5.8AI score0.00137EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 6:44 p.m.8 views

CVE-2026-13757

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS5.8AI score0.00137EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/29 6:44 p.m.8 views

EUVD-2026-40173

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS5.8AI score0.00137EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/29 6:44 p.m.54 views

CVE-2026-13757 P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS0.00137EPSS
Exploits0References5
CVE
CVE
added 2026/06/29 6:44 p.m.24 views

CVE-2026-13757

CVE-2026-13757 affects p11-kit. The RPC attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() can form a mutually-recursive call chain with no recursion depth limit when handling nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TE...

6.2CVSS5.8AI score0.00137EPSS
Exploits0References5Affected Software3
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.13 views

PT-2026-53679

Name of the Vulnerable Software and Affected Versions p11-kit affected versions not specified Description A flaw exists in the RPC message attribute parsing process. The functions p11 rpc message get attribute and p11 rpc message get attribute array value create a mutually-recursive call chain th...

6.2CVSS6.1AI score0.00137EPSS
Exploits0References18
ATTACKERKB
ATTACKERKB
added 2026/06/25 5:22 p.m.6 views

CVE-2026-47770

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS5.9AI score0.00111EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/24 3:50 p.m.2 views

CVE-2026-54297 Faraday: Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. From 1.0.0 until 1.10.6 and 2.14.3, Faraday::NestedParamsEncoder, the default nested query parameter encoder/decoder in Faraday, decodes nested query strings without enforcing a maximum nestin...

7.5CVSS7.1AI score0.00391EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/06/24 3:37 p.m.6 views

CVE-2026-52916

A flaw was found in the Linux kernel's batman-adv module. A remote attacker can exploit this vulnerability by sending specially crafted BATADVUNICASTFRAG packets, which are designed to contain other fragmented packets. This 'fragments in fragments' scenario causes the kernel to recursively proces...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References4
Rows per page
Query Builder