38423 matches found
CVE-2026-0966 Libssh: libssh: denial of service via zero-length input in ssh_get_hexa()
A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...
CVE-2026-0966
A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...
CVE-2026-33535
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 display interaction path that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue...
CVE-2026-33535 ImageMagick has an Out-of-Bounds write of a zero byte in its X11 display interaction
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 display interaction path that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue...
CVE-2026-33535
CVE-2026-33535 affects ImageMagick. The issue is an out-of-bounds write of a zero byte in the X11 display interaction path, leading to a crash. Affected releases include pre-patch versions 7.1.2-17/7.1.2-18? and 6.9.13-42/6.9.13-43 according to sources; the advisory notes that versions 7.1.2-18 a...
vantuz (>=3.3.2 <=3.3.7) potentially affected by unknown CVE via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: unknown CVE Source advisory: OSV:GHSA-48VW-M3QC-WR99...
CVE-2026-4923
Impact: When using multiple wildcards, combined with at least one parameter, a regular expression can be generated that is vulnerable to ReDoS. This backtracking vulnerability requires the second wildcard to be somewhere other than the end of the path. Unsafe examples: /foo-bar-:baz /a-:b-c-:d...
DEBIAN-CVE-2026-4926
Impact: A bad regular expression is generated any time you have multiple sequential optional groups curly brace syntax, such as abc:z. The generated regex grows exponentially with the number of groups, causing denial of service. Patches: Fixed in version 8.4.0. Workarounds: Limit the number of...
CVE-2026-4926
Impact: A bad regular expression is generated any time you have multiple sequential optional groups curly brace syntax, such as abc:z. The generated regex grows exponentially with the number of groups, causing denial of service. Patches: Fixed in version 8.4.0. Workarounds: Limit the number of...
UBUNTU-CVE-2026-4926
Impact: A bad regular expression is generated any time you have multiple sequential optional groups curly brace syntax, such as abc:z. The generated regex grows exponentially with the number of groups, causing denial of service. Patches: Fixed in version 8.4.0. Workarounds: Limit the number of...
CVE-2026-33152 Tandoor Recipes Vulnerable to Unrestricted Brute-Force via BasicAuthentication
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backends. The AllAuth rate limiting configuration...
CVE-2026-33152
Summary: Tandoor Recipes before 2.6.0 configures Django REST Framework with BasicAuthentication as a default, while rate limiting (ACCOUNT_RATE_LIMITS: login: 5/m/ip) applies only to the HTML login endpoint at /accounts/login/. This means any API endpoint that accepts authenticated requests can b...
CVE-2026-33152 Tandoor Recipes Vulnerable to Unrestricted Brute-Force via BasicAuthentication
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backends. The AllAuth rate limiting configuration...
CVE-2026-33148
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the FDC USDA FoodData Central search endpoint constructs an upstream API URL by directly interpolating the user-supplied query parameter into the URL string without...
CVE-2026-29055
CVE-2026-29055 affects Tandoor Recipes: in versions prior to 2.6.0, the image processing pipeline did not strip EXIF data, rescale, or validate sizes for WebP and GIF uploads, allowing sensitive EXIF metadata (GPS coordinates, camera model, timestamps, software) to be stored and served to all vie...
CVE-2026-4926 path-to-regexp vulnerable to Denial of Service via sequential optional groups
Impact: A bad regular expression is generated any time you have multiple sequential optional groups curly brace syntax, such as abc:z. The generated regex grows exponentially with the number of groups, causing denial of service. Patches: Fixed in version 8.4.0. Workarounds: Limit the number of...
Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass
Summary A remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on the number of CONTINUATION frames, combined with a bypass of existing size-based mitigations using zero-byte frames, allows an user to...
brace-expansion: Zero-step sequence causes process hang and memory exhaustion
Impact A brace pattern with a zero step value e.g., 1..2..0 causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. The loop in question:...
Infinite loop
Overview brace-expansion is a Brace expansion as known from sh/bash Affected versions of this package are vulnerable to Infinite loop through the expand function when processing a brace pattern with a zero step value. An attacker can cause the process to hang and exhaust system memory by supplyin...
GHSA-F886-M6HF-6M8V brace-expansion: Zero-step sequence causes process hang and memory exhaustion
Impact A brace pattern with a zero step value e.g., 1..2..0 causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. The loop in question:...