Lucene search
+L

119 matches found

CVE
CVE
added yesterday14 views

CVE-2026-46378

Dasel (github.com/tomwright/dasel) is affected by CVE-2026-46378 due to a non-terminating loop in the selector lexer when tokenizing an unterminated regex literal (r/). The bug resides in matchRegexPattern inside selector/lexer/tokenize.go, where the loop continues indefinitely if the closing sla...

6.2CVSS6.1AI score0.0005EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2 days ago5 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-49477

A flaw was found in soupsieve, a CSS selector library. This vulnerability allows a remote attacker to cause a Denial of Service DoS by supplying specially crafted, untrusted CSS selector strings. The flaw occurs due to a regular expression vulnerable to catastrophic backtracking when processing a...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References6
OSV
OSV
added 2 days ago3 views

RLSA-2026:39320 Important: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS6.1AI score0.00553EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2 days ago5 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2 days ago4 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
NVD
NVD
added 3 days ago4 views

CVE-2026-49477

Soup Sieve is a CSS selector library designed to be used with Beautiful Soup 4. Prior to 2.8.4, the CSS selector parser in soupsieve contains a regular expression vulnerable to catastrophic backtracking when processing an attribute selector with an unterminated quoted value in...

7.5CVSS0.00601EPSS
Exploits0References3
OSV
OSV
added 3 days ago4 views

CVE-2026-49477 Soup Sieve: Regular Expression Denial of Service (ReDoS) in soupsieve Selector Parser

Soup Sieve is a CSS selector library designed to be used with Beautiful Soup 4. Prior to 2.8.4, the CSS selector parser in soupsieve contains a regular expression vulnerable to catastrophic backtracking when processing an attribute selector with an unterminated quoted value in...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References5
CVE
CVE
added 3 days ago15 views

CVE-2026-49477

Soup Sieve (CSS selector engine used by Beautiful Soup 4) Before 2.8.4 contains a regular-expression backtracking bug in soupsieve/css_parser.py (VALUE pattern) that enables catastrophic backtracking on unterminated quoted attribute values, causing CPU exhaustion and potential DoS when compiling ...

7.5CVSS6.1AI score0.00601EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 6 days ago4 views

SUSE CVE-2026-15308

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

7.5CVSS6.1AI score0.00553EPSS
Exploits0References5
Cvelist
Cvelist
added last week33 views

CVE-2026-57157 Out-of-bounds read in the camera device enumerator server (rdpecam) via unterminated DeviceName / VirtualChannelName

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS0.00539EPSS
Exploits1References6
CVE
CVE
added last week13 views

CVE-2026-57157

FreeRDP (server implementations with the MS-RDPECAM camera device enumerator channel enabled) is affected prior to 3.28.0. Attackers can cause a 1- to 2-byte out-of-bounds heap read by scanning attacker-supplied DeviceName and VirtualChannelName fields and dereferencing beyond the scanned bound i...

6.5CVSS6.1AI score0.00539EPSS
Exploits1References6Affected Software1
RedHat Linux
RedHat Linux
added last week4 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/07/10 8:55 a.m.7 views

CVE-2026-59935

A flaw was found in pypdf, a pure-python PDF library. A remote attacker can craft a malicious PDF file containing an unterminated inline image within the page content stream. When this crafted PDF is parsed, it can lead to an infinite loop, resulting in a denial of service DoS due to resource...

8.7CVSS6.1AI score0.00352EPSS
Exploits0References7
NVD
NVD
added 2026/07/09 5:16 p.m.9 views

CVE-2026-15308

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS0.00553EPSS
Exploits0References8
OSV
OSV
added 2026/07/09 5:16 p.m.3 views

UBUNTU-CVE-2026-15308

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS6.1AI score0.00553EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/07/09 5:10 p.m.55 views

CVE-2026-15308 Incremental HTMLParser feed() allows CPU-exhaustion DoS via repeated unterminated markup declarations

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS0.00553EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/07/09 5:10 p.m.7 views

CVE-2026-15308 Incremental HTMLParser feed() allows CPU-exhaustion DoS via repeated unterminated markup declarations

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS5.9AI score0.00553EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/09 5:10 p.m.8 views

EUVD-2026-42638

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS5.9AI score0.00553EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/09 5:10 p.m.27 views

CVE-2026-15308

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS5.9AI score0.00553EPSS
Exploits0References8
Rows per page
Query Builder