Lucene search
K

120 matches found

Snyk
Snyk
added 2026/06/19 8:46 p.m.4 views

Infinite loop

Overview python-liquid is an A Python engine for the Liquid template language. Affected versions of this package are vulnerable to Infinite loop in the % case % tag parsing logic, caused by an incorrect definition of the EOF token's kind and value in the TokenStream.eof attribute. A user who can...

7.1CVSS5.8AI score
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

MediaInfoLib 安全漏洞

MediaInfoLib is a tool developed by MediaArea for displaying technical information and tag data related to audio and video files. MediaInfoLib has a security vulnerability, which stems from a heap buffer overflow issue during ID3v2 parsing...

7.8CVSS6AI score0.00207EPSS
Exploits1References1
Talos
Talos
added 2026/05/25 12:0 a.m.13 views

MediaArea MediaInfoLib ID3v2 parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the ID3v2 parsing functionality of MediaInfoLib versions: 26.01. A specially crafted media file that contains ID3v2 tags can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

7.8CVSS6.5AI score0.00207EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/03/10 6:0 p.m.2 views

CVE-2026-31792

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a null pointer dereference in CIccTagXmlStruct::ParseTag causing a segmentation fault or denial of service. This vulnerability is fixed in 2.3.1.5...

7.8CVSS5.8AI score0.00163EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/27 10:2 p.m.7 views

CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

5.3CVSS6AI score0.00168EPSS
Exploits0References6
Broadcom
Broadcom
added 2026/01/27 12:0 a.m.20 views

Spring Framework DoS (CVE-2024-38808, CVE-2024-38809 and CVE-2024-22262)

The Spring Framework vulnerabilities identified are located within open source components utilized by Brocade SANnav, however none of these vulnerabilities are in the executable code path. As a part of good security practice, the open source component was updated in the Brocade SANnav 3.0.0...

8.1CVSS5.9AI score0.01191EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 4 : libexif-0.6.21-5.AXS4 (AXSA:2012-974:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-974:01 advisory. Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you t...

7.5CVSS6.3AI score0.07557EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.2 views

Fedora 43 : dr_libs (2025-894ea1b6a5)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-894ea1b6a5 advisory. drflac v0.13.2 - 2025-12-02 - Improve robustness of the parsing of picture metadata to improve support for memory constrained embedded devices. - Fix a warni...

5.6AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 1:24 a.m.3 views

CVE-2025-58477

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...

4.3CVSS6.5AI score0.0022EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 4: podman (TSSA-2025:0377)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0377 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS7.2AI score0.00868EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-2821

Malware in sbrugna...

7.5CVSS6AI score0.05704EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-2794

Malware in sbrugna...

7.5CVSS6AI score0.07557EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-2793

Malware in sbrugna...

6.4CVSS6AI score0.03772EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-15448

Malware in sbrugna...

10CVSS9.5AI score0.01323EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2004-2769

Malware in sbrugna...

7.5CVSS7.4AI score0.02507EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2012-2820

Malware in sbrugna...

7.5CVSS6AI score0.05016EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-2792

Malware in sbrugna...

6.4CVSS6AI score0.03859EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11957

Malware in sbrugna...

8.8CVSS8.6AI score0.02393EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-7707

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.01356EPSS
Exploits0References32
OSV
OSV
added 2025/10/02 1:3 p.m.6 views

CLSA-2025-1759410214 Fix CVE(s): CVE-2025-58364

SECURITY UPDATE: IPP extension tag parsing vulnerability - debian/patches/CVE-2025-58364.patch: fix handling of extension tag in ippreadio - CVE-2025-58364...

6.5CVSS6.8AI score0.01063EPSS
Exploits1References1
Rows per page
Query Builder