Lucene search
K

114 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-350 External Control of File Name or Path in h2oai/h2o-3

Remote unauthenticated attackers can overwrite arbitrary server files with attacker-controllable data. The data that the attacker can control is not entirely arbitrary. h2o writes a CSV/XLS/etc file to disk, so the attacker data is wrapped in quotations and starts with "C1", if they're exporting ...

9.3CVSS7.5AI score0.00715EPSS
Exploits1References6
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:14 a.m.3 views

KVM: Reject wrapped offset in kvm_reset_dirty_gfn()

...

7.8CVSS6.1AI score0.00147EPSS
Exploits0
OSV
OSV
added 2026/06/24 4:28 p.m.2 views

CVE-2026-52969 KVM: Reject wrapped offset in kvm_reset_dirty_gfn()

In the Linux kernel, the following vulnerability has been resolved: KVM: Reject wrapped offset in kvmresetdirtygfn kvmresetdirtygfn guards the gfn range with if !memslot || offset + flsmask = memslot-npages return; but offset is u64 and the addition is unchecked. The check can be silently bypasse...

7CVSS5.8AI score0.00147EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.29 views

CVE-2026-52969 KVM: Reject wrapped offset in kvm_reset_dirty_gfn()

In the Linux kernel, the following vulnerability has been resolved: KVM: Reject wrapped offset in kvmresetdirtygfn kvmresetdirtygfn guards the gfn range with if !memslot || offset + flsmask = memslot-npages return; but offset is u64 and the addition is unchecked. The check can be silently bypasse...

0.00147EPSS
Exploits0References7
CVE
CVE
added 2026/06/24 4:28 p.m.10 views

CVE-2026-52969

CVE-2026-52969 affects the Linux kernel KVM component. The vulnerability stems from an unchecked u64 addition in kvm_reset_dirty_gfn(), where the guard if (!memslot || (offset + __fls(mask)) >= memslot->npages) can be bypassed due to offset being 64‑bit. This can allow an out-of-bounds load...

7.8CVSS5.7AI score0.00147EPSS
Exploits0References10Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/19 5:16 p.m.4 views

CVE-2026-49271

libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unitoffset + unitsize. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...

6.5CVSS5.8AI score0.00199EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/11 1:2 p.m.13 views

MAL-2026-5644 Malicious code in self-certificate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab587fcd5a0b45e17454fc742007b8b597a0aec49b443d8a5a087ba910ea4a40 The package presents itself as a self-signed certificate generator, but its public generateCertificates API path loads sample/cert.pem, strips the...

5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: The “clear SBINLINECRYPT flag” option in “defaultoptions” has been removed. In “f2fsremount”, the “SBINLINECRYPT flag” will be cleared and reset. If a new file is created or an existing file is opened during this period,...

5.5CVSS6.4AI score0.003EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/16 3:26 p.m.6 views

an-website (>=24.12.0 <=25.2.0), graphtomation (>=0.0.6 <=0.2.0) +5 more potentially affected by CVE-2021-47952 via jsonpickle (>=4.0.0 <=4.0.1)

jsonpickle PYPI version =4.0.0, =24.12.0, =0.0.6, =4.0.0, =0.1.0, =0.1.1, =0.5.8, =0.5.9 Source cves: CVE-2021-47952 Source advisory: SNYK:PYTHON-JSONPICKLE-16755449...

9.8CVSS5.4AI score0.00696EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/24 3:7 a.m.11 views

Malicious code in wrapped-logger-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe112208d0bcdd21ccfe23bb9c5658a1be2eebaf37068032ea67bb9f93559a9c The package wrapped-logger-utils was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/04/24 3:7 a.m.7 views

Malicious Package

Overview wrapped-logger-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
OSV
OSV
added 2026/04/24 3:7 a.m.5 views

MAL-2026-3027 Malicious code in wrapped-logger-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe112208d0bcdd21ccfe23bb9c5658a1be2eebaf37068032ea67bb9f93559a9c The package wrapped-logger-utils was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/18 8:42 a.m.8 views

BIT-GOLANG-2026-27144 Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime...

7.1CVSS5.8AI score0.00261EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/17 4:8 p.m.4 views

CVE-2026-21733

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory and files. This is caused by improper handling of GPU memory reservation protections...

7.3CVSS5.8AI score0.00099EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/08 3:9 p.m.6 views

EUVD-2026-19348

OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write...

8.4CVSS5.9AI score0.00419EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/08 1:6 a.m.1 views

CVE-2026-27144 Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime...

5.8AI score0.00261EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/08 1:6 a.m.20 views

CVE-2026-27144 Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime...

0.00261EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/08 12:30 a.m.7 views

EUVD-2026-19994

The Gravity Forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the formids parameter in the gformgetconfig AJAX action in all versions up to, and including, 2.9.30. This is due to the GFCommon::sendjson method outputting JSON-encoded data wrapped in HTML comment...

4.7CVSS6.1AI score0.00356EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/04/07 11:25 p.m.6 views

CVE-2026-4406 Gravity Forms <= 2.9.30 - Reflected Cross-Site Scripting via 'form_ids' Parameter

The Gravity Forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the formids parameter in the gformgetconfig AJAX action in all versions up to, and including, 2.9.30. This is due to the GFCommon::sendjson method outputting JSON-encoded data wrapped in HTML comment...

4.7CVSS6.1AI score0.00356EPSS
Exploits0References6
OSV
OSV
added 2026/04/07 10:53 p.m.3 views

GO-2026-4867 Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime...

7.1CVSS5.8AI score0.00261EPSS
Exploits0References3
Rows per page
Query Builder