Lucene search
K

188 matches found

OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-58469

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

7.5CVSS6.2AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-58469

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

8.7CVSS0.00351EPSS
Exploits0References2
CVE
CVE
added 2 days ago9 views

CVE-2026-58469

GNU Wget prior to 1.25.0 is affected by a heap buffer underread in clean_metalink_string() inside src/metalink.c when parsing a Metalink URL that is whitespace-only. The issue can lead to memory corruption and abnormal program behavior; the CVE notes multiple CVSS measurements with high impact (a...

8.7CVSS6.2AI score0.00351EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-42081

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

8.7CVSS6.2AI score0.00351EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-58469

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

8.7CVSS6.2AI score0.00351EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-58469 GNU Wget 1.25.0 Heap Buffer Underread via Metalink URL Parsing

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

8.7CVSS0.00351EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago4 views

CVE-2026-58469

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

8.7CVSS6.2AI score0.00351EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56238

Name of the Vulnerable Software and Affected Versions GNU Wget versions prior to 1.25.1 Description A heap buffer underread exists in the clean metalink string function within src/metalink.c. This occurs when the software processes a Metalink document containing a URL consisting only of whitespac...

8.7CVSS6.1AI score0.00351EPSS
Exploits0References4
OSV
OSV
added 4 days ago4 views

RLSA-2026:33124 Moderate: coreutils security update

The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fixes: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-5278 For more details about the security...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/29 3:32 p.m.4 views

coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/29 3:32 p.m.5 views

Moderate: Red Hat Security Advisory: coreutils security update

An update for coreutils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

4.4CVSS5.8AI score0.00224EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 12:0 a.m.9 views

ALSA-2026:33124 Moderate: coreutils security update

The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fixes: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-5278 For more details about the security...

4.4CVSS5.8AI score0.00224EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 12:3 p.m.3 views

RLSA-2026:28911 Moderate: coreutils security update

The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fixes: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-5278 For more details about the security...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/24 9:9 a.m.9 views

Moderate: Red Hat Security Advisory: coreutils security update

An update for coreutils is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/24 9:9 a.m.10 views

coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

4.4CVSS6AI score0.00224EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2026/06/24 12:0 a.m.6 views

Moderate: coreutils security update

The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fixes: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-5278 For more details about the security...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 12:0 a.m.15 views

ALSA-2026:28911 Moderate: coreutils security update

The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fixes: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-5278 For more details about the security...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.12 views

EulerOS Virtualization 2.13.0 : glibc (EulerOS-SA-2026-2399)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a...

9.8CVSS5.6AI score0.00451EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.18 views

EulerOS Virtualization 2.13.1 : glibc (EulerOS-SA-2026-2370)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a...

9.8CVSS5.7AI score0.00451EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.7 views

CentOS 9 : coreutils-8.32-42.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the coreutils-8.32-42.el9 build changelog. - A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory...

4.4CVSS5.7AI score0.00224EPSS
Exploits0References2
Rows per page
Query Builder