Lucene search
K

5415 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/03 2:29 p.m.8 views

CVE-2026-3276

unicodedata.normalize can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms...

6.3CVSS5.8AI score0.00492EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/03 2:29 p.m.11 views

EUVD-2026-34103

unicodedata.normalize can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms...

6.3CVSS5.8AI score0.00492EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.56 views

PT-2026-46266

Name of the Vulnerable Software and Affected Versions Net::CIDR::Set versions prior to 0.21 Description The software accepts non-ASCII IP addresses and netmasks. Unicode digits, such as the Arabic-Indic One U+0661, are accepted but not properly parsed as numbers, which could allow network masks t...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.17 views

PT-2026-45951

Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description The unicodedata.normalize function can consume excessive CPU time when processing specially crafted Unicode input. This occurs when the input contains long sequences of combining characters wi...

6.3CVSS5.4AI score0.00492EPSS
Exploits0References38
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

CPython 安全漏洞

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability that arises from excessive CPU consumption when processing specially crafted Unicode inputs, which may lead to a denial-of-service attack...

6.3CVSS5.3AI score0.00492EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-3276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - unicodedata.normalize can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating...

6.3CVSS5.4AI score0.00492EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.13 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-39824)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-39824 advisory. - NewNTUnicodeString does not check for string length overflow. When provided with a string that...

3.3CVSS5.9AI score0.00114EPSS
Exploits0References1
NVD
NVD
added 2026/05/30 4:17 p.m.17 views

CVE-2026-8594

Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break characters. Text::LineFold splits the input string by specific line break characters such as VT, FF and others into segments, but applies the break function to the entire string, not just t...

6.2CVSS0.002EPSS
Exploits0References4
OSV
OSV
added 2026/05/30 4:17 p.m.8 views

UBUNTU-CVE-2026-8594

Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break characters. Text::LineFold splits the input string by specific line break characters such as VT, FF and others into segments, but applies the break function to the entire string, not just t...

6.2CVSS5.8AI score0.002EPSS
Exploits0References7
CVE
CVE
added 2026/05/30 3:32 p.m.24 views

CVE-2026-8594

Summary: CVE-2026-8594 affects Text::LineFold (Perl) up to version 2019.001, which is part of the Unicode-LineBreak distribution. The issue arises because the line-breaking logic applies the break function to the entire input string, not just each segment, causing the full input to be duplicated ...

6.2CVSS5.8AI score0.002EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/30 3:32 p.m.22 views

EUVD-2026-33466

Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break characters. Text::LineFold splits the input string by specific line break characters such as VT, FF and others into segments, but applies the break function to the entire string, not just t...

5.8AI score0.002EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.16 views

PT-2026-45104

Name of the Vulnerable Software and Affected Versions Text::LineFold versions prior to 2019.002 Description Text::LineFold splits input strings into segments using specific line break characters, such as Vertical Tab VT and Form Feed FF. However, the break function is applied to the entire string...

6.2CVSS5.8AI score0.002EPSS
Exploits0References9
Rockylinux
Rockylinux
added 2026/05/29 4:3 p.m.21 views

linux-sgx security update

An update is available for linux-sgx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Intel SGX SDK is a collection of APIs, libraries, documentations and...

8.8CVSS5.8AI score0.01535EPSS
Exploits5
OSV
OSV
added 2026/05/29 4:3 p.m.22 views

RLSA-2026:18480 Important: linux-sgx security update

The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX enabled applications in C/C++. Security Fixes: qs: qs: Denial of Service via improper input validation in array parsing CVE-2025-15284 node-tar: tar: node-ta...

8.8CVSS7.2AI score0.01535EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.13 views

RockyLinux 10 : linux-sgx (RLSA-2026:18480)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:18480 advisory. qs: qs: Denial of Service via improper input validation in array parsing CVE-2025-15284 node-tar: tar: node-tar: Arbitrary file overwrite and symlink...

8.8CVSS5.8AI score0.01535EPSS
Exploits5References11
Github Security Blog
Github Security Blog
added 2026/05/28 7:52 p.m.18 views

symfony/polyfill-intl-idn: xn-- labels with ASCII-only Punycode payloads are treated as equivalent to their decoded form

Description symfony/polyfill-intl-idn provides a userland implementation of idntoutf8 and idntoascii for runtimes that lack the intl extension. Its Idn::process method decodes labels prefixed with xn-- using Punycode but never enforces the validity criterion added in UTS 46 revision 33 Section 4...

5.9AI score0.00137EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2026/05/28 3:43 p.m.14 views

RLSA-2026:18868 Important: linux-sgx security update

The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX enabled applications in C/C++. Security Fixes: qs: qs: Denial of Service via improper input validation in array parsing CVE-2025-15284 node-tar: tar: node-ta...

8.8CVSS5.8AI score0.01535EPSS
Exploits5References6
Snyk
Snyk
added 2026/05/27 9:41 a.m.12 views

Improper Encoding or Escaping of Output

Overview symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the HtmlSanitizer component that fails to properly detect and strip percent-encoded BiDi...

5.3CVSS5.8AI score0.00025EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/27 9:11 a.m.12 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.17.0 shipped with IBM Cloud Pak for Business Automation iFixes for April 2026

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation April 2026 security fixes update this dependency beyond 4.17.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2022-23990 DESCRIPTION: Expat aka...

9.1CVSS7.2AI score0.03992EPSS
Exploits7Affected Software2
Fedora
Fedora
added 2026/05/27 1:27 a.m.11 views

[SECURITY] Fedora 43 Update: uriparser-1.0.2-1.fc43

Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license...

5.1CVSS5.8AI score0.00172EPSS
Exploits0
Rows per page
Query Builder