Lucene search
K

1581 matches found

OSV
OSV
added 2026/07/07 9:17 p.m.4 views

UBUNTU-CVE-2026-58471

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References3
OSV
OSV
added 2026/07/07 9:17 p.m.3 views

UBUNTU-CVE-2026-58470

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS6.2AI score0.00247EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/07 7:50 p.m.43 views

CVE-2026-58472 GNU Wget 1.25.0 Heap Buffer Overflow via HTML Attribute Encoding

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

6CVSS0.00221EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/07/07 7:50 p.m.7 views

CVE-2026-58472 GNU Wget 1.25.0 Heap Buffer Overflow via HTML Attribute Encoding

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

6CVSS6.3AI score0.00221EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/07 7:50 p.m.5 views

EUVD-2026-42084

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

6CVSS6.3AI score0.00221EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/07 7:50 p.m.5 views

CVE-2026-58472

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

6CVSS6.3AI score0.00221EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/07/07 7:50 p.m.6 views

CVE-2026-58472

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

7.1CVSS6.3AI score0.00221EPSS
Exploits0
CVE
CVE
added 2026/07/07 7:50 p.m.11 views

CVE-2026-58472

GNU Wget up to 1.25.0 contains a heap buffer overflow in html_quote_string() (src/convert.c) triggered by a server-supplied HTML attribute with extensive entity encoding. The root cause is a signed integer counter overflow during output size accumulation, leading to an undersized heap allocation ...

7.1CVSS6.3AI score0.00221EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/07 7:50 p.m.6 views

CVE-2026-58472 GNU Wget 1.25.0 Heap Buffer Overflow via HTML Attribute Encoding

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

6CVSS6.3AI score0.00221EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/07/07 7:50 p.m.5 views

CVE-2026-58472

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References2
OSV
OSV
added 2026/07/07 7:47 p.m.6 views

CVE-2026-58471 GNU Wget 1.25.0 Heap Buffer Overflow via convert_fname() in url.c

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

6CVSS6.2AI score0.00221EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/07 7:47 p.m.41 views

CVE-2026-58471 GNU Wget 1.25.0 Heap Buffer Overflow via convert_fname() in url.c

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

6CVSS0.00221EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/07 7:47 p.m.5 views

EUVD-2026-42083

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

6CVSS6.2AI score0.00221EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/07/07 7:47 p.m.6 views

CVE-2026-58471 GNU Wget 1.25.0 Heap Buffer Overflow via convert_fname() in url.c

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

6CVSS6.2AI score0.00221EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/07 7:47 p.m.4 views

CVE-2026-58471

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

6CVSS6.2AI score0.00221EPSS
Exploits0References3
CVE
CVE
added 2026/07/07 7:47 p.m.15 views

CVE-2026-58471

GNU Wget up to 1.25.0 contains a heap buffer overflow in convert_fname() (src/url.c) that can be triggered by a server-supplied filename requiring character set conversion. When the output buffer is too small and iconv E2BIG reallocates, the remaining space is miscalculated, allowing memory corru...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/07/07 7:47 p.m.5 views

CVE-2026-58471

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/07 7:45 p.m.43 views

CVE-2026-58470 GNU Wget 1.25.0 Integer Overflow via Content-Range Header Parsing

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS0.00247EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/07/07 7:45 p.m.3 views

CVE-2026-58470 GNU Wget 1.25.0 Integer Overflow via Content-Range Header Parsing

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS6.1AI score0.00247EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/07 7:45 p.m.4 views

CVE-2026-58470

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS6.1AI score0.00247EPSS
Exploits0References3
Rows per page
Query Builder