Lucene search
K

55 matches found

Cvelist
Cvelist
added 2026/06/26 12:0 a.m.24 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

0.00446EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.6 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/19 12:0 a.m.7 views

Security update for agama (important)

openSUSE security update: security update for agama ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20753-1 Rating: important References: bsc1257930 Cross-References: CVE-2026-25727 CVSS scores: CVE-2026-25727 SUSE : 7.5...

8.7CVSS5.8AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2026/05/14 3:28 p.m.5 views

OPENSUSE-SU-2026:20753-1 Security update for agama

This update for agama fixes the following issue - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257930. Changes for agama: - Update "time" crate to version 0.3.47...

6.8CVSS5.8AI score0.00291EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-016813)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016813 advisory. A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfromiso8601 function...

3.7CVSS6AI score0.00447EPSS
Exploits0References4
OSV
OSV
added 2026/03/18 10:1 a.m.4 views

OPENSUSE-SU-2026:20384-1 Security update for libsoup

This update for libsoup fixes the following issues: Update to libsoup 3.6.6: - CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion bsc1252555. - CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy bsc1254876. - CVE-2025-32049:...

9.1CVSS7AI score0.00821EPSS
Exploits2References18
Amazon
Amazon
added 2026/03/06 12:0 a.m.7 views

Low: firefox

Issue Overview: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used...

6.8CVSS5.8AI score0.00291EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

SUSE SLED15 / SLES15 Security Update : virtiofsd (SUSE-SU-2026:0819-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0819-1 advisory. This update for virtiofsd fixes the following issue: - CVE-2026-25727: time: parsing of user-provided input by the RFC...

6.8CVSS5.9AI score0.00291EPSS
Exploits0References4
OSV
OSV
added 2026/03/02 2:16 p.m.2 views

SUSE-SU-2026:20534-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: Update to version 0.2.8+116. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257908. Other updates and bugfixes: - Update vendored crates time to...

6.8CVSS6AI score0.00291EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/28 12:0 a.m.8 views

SUSE SLES15 Security Update : snpguest (SUSE-SU-2026:0620-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0620-1 advisory. Update to version 0.10.0. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser...

8.8CVSS6AI score0.00452EPSS
Exploits1References11
OSV
OSV
added 2026/02/24 4:36 p.m.4 views

SUSE-SU-2026:0620-1 Security update for snpguest

This update for snpguest fixes the following issues: Update to version 0.10.0. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257927. - CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch...

8.8CVSS5.6AI score0.00452EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2026/02/23 12:0 a.m.5 views

SUSE: Security Advisory (SUSE-SU-2026:0582-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS5.2AI score0.00291EPSS
Exploits0References4
OSV
OSV
added 2026/02/11 4:17 p.m.3 views

SUSE-SU-2026:0453-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: Update to version 0.2.8+116. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257908. Other updates and bugfixes: - Update vendored crates time to...

6.8CVSS5.7AI score0.00291EPSS
Exploits0References3
OSV
OSV
added 2026/02/06 8:16 p.m.10 views

AZL-77087 CVE-2026-25727 affecting package rust 1.75.0-25

time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...

6.8CVSS5.7AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2026/02/06 8:16 p.m.7 views

AZL-76994 CVE-2026-25727 affecting package kata-containers 3.19.1.kata2-4

time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...

6.8CVSS5.7AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2026/02/06 8:16 p.m.6 views

AZL-76821 CVE-2026-25727 affecting package azl-compliance for versions less than 1.0.2-3

time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...

6.8CVSS5.7AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 2026/02/06 8:16 p.m.11 views

CVE-2026-25727

time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...

6.8CVSS0.00291EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/06 7:20 p.m.6 views

CVE-2026-25727

time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...

6.8CVSS5.4AI score0.00291EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/06 7:20 p.m.6 views

CVE-2026-25727 time affected by a stack exhaustion denial of service attack

time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...

6.8CVSS5.4AI score0.00291EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2026/02/05 12:0 a.m.4 views

libsoup3 security update

3.6.5-9 - Fix CVE-2026-0719 3.6.5-8 - Fix CVE-2025-14523 3.6.5-7 - Add patch for CVE-2025-12105 3.6.5-6 - Fix integer overflow in date/time parsing 3.6.5-5 - Bump revision number 3.6.5-4 - Fix several CVEs...

8.6CVSS5.6AI score0.00947EPSS
Exploits0
Rows per page
Query Builder