Lucene search
K

74126 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/01 8:36 a.m.2 views

CVE-2026-23404

In the Linux kernel, the following vulnerability has been resolved: apparmor: replace recursive profile removal with iterative approach The profile removal code uses recursion when removing nested profiles, which can lead to kernel stack exhaustion and system crashes. Reproducer: $ pf='a'; for i=...

5.8AI score0.00177EPSS
Exploits0References9Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/04/01 8:13 a.m.4 views

OpenSC: Stack-buffer-overflow WRITE in card-oberthur

...

6.8CVSS5.9AI score0.00159EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/01 8:13 a.m.3 views

OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE

...

6.8CVSS5.9AI score0.0013EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/01 5:0 a.m.3 views

CVE-2026-5156

A vulnerability was determined in Tenda CH22 1.0.0.1. This impacts the function formQuickIndex of the file /goform/QuickIndex of the component Parameter Handler. This manipulation of the argument mitlinktype causes stack-based buffer overflow. The attack is possible to be carried out remotely. Th...

9CVSS7.8AI score0.00632EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/01 3:31 a.m.4 views

EUVD-2026-17757

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

6.2CVSS5.9AI score0.00103EPSS
Exploits0References2
NVD
NVD
added 2026/04/01 2:16 a.m.3 views

CVE-2026-3778

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

6.2CVSS0.00103EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/01 1:40 a.m.3 views

CVE-2026-3778

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

6.2CVSS5.9AI score0.00103EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2026/04/01 1:40 a.m.18 views

CVE-2026-3778

CVE-2026-3778 affects Foxit PDF Editor/Reader (Foxit Reader) across platforms as described in connected records. The root cause is cyclic PDF object references created by pages and annotations referencing each other in a loop, which, when the document is processed by APIs that perform deep traver...

6.2CVSS5.9AI score0.00103EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/04/01 1:40 a.m.2 views

CVE-2026-3778 Stack exhaustion caused by cyclic references in Foxit PDF Editor/Reader

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

6.2CVSS5.9AI score0.00103EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/01 1:40 a.m.30 views

CVE-2026-3778 Stack exhaustion caused by cyclic references in Foxit PDF Editor/Reader

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

6.2CVSS0.00103EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/01 12:31 a.m.10 views

EUVD-2026-17688

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...

9CVSS7.5AI score0.00715EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-29438

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

6.2CVSS5.9AI score0.00103EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.6 views

PT-2026-29649

CVE-2026-32928 V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData:: conv AnimationItem. Opening a crafted V7 file may lead to arbitrary … https://t.co/R460FJw3tQ...

8.4CVSS6.3AI score0.00209EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-29646

CVE-2026-32925 V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom. Opening a crafted V7 file may lead to arbitrary co… https://t.co/5nss7YAOEB...

8.4CVSS6.3AI score0.00209EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.21 views

SUSE SLES15 Security Update : libjxl (SUSE-SU-2026:1154-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1154-1 advisory. This update for libjxl fixes the following issue: - CVE-2024-11498: Resource exhaustion via Stack overflow in libjxl bsc1233785. Tenable has extracted...

7.5CVSS6.8AI score0.00607EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29487

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel's AppArmor profile removal code used a recursive approach for removing nested profiles, which could lead to kernel stack exhaustion and system crashes. The issue stemmed...

5.5CVSS6.8AI score0.00177EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of recursion in file configuration files. This vulnerability may lead to exhaustion of th...

5.5CVSS5.8AI score0.00177EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.8 views

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities arise from failing to detect or prevent...

6.2CVSS5.8AI score0.00103EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.8 views

Amazon Linux 2 : python, --advisory ALAS2-2026-3218 (ALAS-2026-3218)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3218 advisory. The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |=...

7.5CVSS5.9AI score0.00621EPSS
Exploits0References6
Amazon
Amazon
added 2026/04/01 12:0 a.m.9 views

Medium: python

Issue Overview: The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output...

6CVSS5.9AI score0.00621EPSS
Exploits0
Rows per page
Query Builder