Export limit exceeded: 46148 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46148 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-14895 1 Bakerscot 1 String::util 2026-07-10 7.5 High
String::Util versions before 1.36 for Perl are susceptible to a regular expression denial of service. The trim and rtrim functions stripped trailing whitespace with s/\s*$//u. Because \s* matches greedily and the $ anchor fails whenever a non-whitespace character follows the whitespace, the regex engine retries the match at each offset of a long whitespace run, producing quadratic backtracking. The fix replaces \s*$ with \s+$. Any caller that passes untrusted input to trim or rtrim can trigger CPU exhaustion with a string containing a long run of whitespace.
CVE-2026-49147 1 Petdance 1 App::ack 2026-07-10 7.5 High
App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a _safe_filename helper that sanitises the filenames printed by -f, -g, the colored match heading, and per-match lines, but the --show-types, -l/-L, and -c paths still emit the raw filename. A file whose name embeds cursor-movement or color escapes can overwrite or recolor earlier terminal output, or be passed unchanged to a downstream consumer.
CVE-2026-59804 1 Web-infra-dev 1 Midscene 2026-07-10 6.8 Medium
Midscene Bridge Server through 1.10.3, fixed in commit 86f4118, contains a missing authentication and CORS misconfiguration vulnerability that allows unauthenticated remote attackers to hijack active bridge sessions by opening a cross-origin WebSocket connection to the local Socket.IO server, which performs no Origin header validation and requires no authentication token. Attackers can connect from any web page visited by the victim to seize the single-client slot, intercept and inject automation commands, exfiltrate command-payload data, or unconditionally terminate the server by supplying the MIDSCENE_BRIDGE_SIGNAL_KILL query parameter.
CVE-2026-15164 1 Wireshark 1 Ciscodump 2026-07-10 5.5 Medium
Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
CVE-2026-15173 1 Wireshark 1 Wireshark 2026-07-10 4.7 Medium
pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service
CVE-2026-59692 2 Gstreamer, Redhat 2 Gstreamer, Enterprise Linux 2026-07-10 7.5 High
A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking. A remote unauthenticated attacker can send a certificate with an oversized Subject DN that exceeds the buffer, causing a stack buffer overflow and process crash, resulting in denial of service.
CVE-2026-60095 1 Vinchin 1 Backup & Recovery 2026-07-10 6.5 Medium
Vinchin Backup & Recovery through 9.0.0.86562 contains a stack buffer overflow vulnerability in the ModuleHandShake function of the agentlink_server service that allows unauthenticated remote attackers to overwrite the saved return address by supplying an oversized _listen_uuid field that is measured via strlen() and copied without bounds checking into a fixed-length stack buffer using strcpy(). Attackers can send a crafted request with a malicious _listen_uuid value to corrupt the stack and achieve process crash or potential control flow hijack without requiring authentication.
CVE-2026-15187 1 Enquirer 1 Enquirer 2026-07-10 4.3 Medium
A security flaw has been discovered in enquirer up to 2.4.1. Affected is the function Enquirer.set of the component Public Package API. The manipulation of the argument question.name results in improperly controlled modification of object prototype attributes. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report.
CVE-2026-58469 1 Wget 1 Wget 2026-07-10 7.5 High
GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the clean_metalink_string() function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cause the function to decrement a pointer past the start of the buffer when processing an all-whitespace Metalink URL, potentially leading to abnormal program behavior.
CVE-2026-58470 1 Wget 1 Wget 2026-07-10 5.3 Medium
GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parse_content_range() function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigger undefined behavior and download desynchronization in the affected client.
CVE-2026-58471 1 Wget 1 Wget 2026-07-10 5.9 Medium
GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convert_fname() function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is too small during iconv E2BIG reallocation, the reallocation logic miscalculates the remaining space, leading to a heap buffer overflow that can be exploited via a maliciously crafted server response.
CVE-2026-58472 1 Wget 1 Wget 2026-07-10 5.9 Medium
GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the html_quote_string() function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity encoding. A server-supplied HTML attribute causes a signed integer counter to overflow during output size accumulation, resulting in an undersized heap allocation and subsequent heap buffer overflow during the copy phase.
CVE-2026-57258 1 Foxitsoftware 2 Foxit Pdf Editor, Foxit Reader 2026-07-10 6.1 Medium
The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes.
CVE-2026-57257 1 Foxitsoftware 2 Foxit Pdf Editor, Foxit Reader 2026-07-10 6.1 Medium
During the PRC parsing stage, there is a lack of boundary verification for the PRC entity index, which leads to an out-of-bounds read of the entity array. As a result, the application crashes.
CVE-2026-57255 1 Foxitsoftware 2 Foxit Pdf Editor, Foxit Reader 2026-07-10 6.1 Medium
The application opens a PDF containing an abnormal color space whose attributes reference a valid but semantically malformed function. The function's output is not validated; when subsequently read, it produces an illegal pointer that accesses an out-of-bounds region, crashing the application.
CVE-2026-57253 1 Foxitsoftware 2 Foxit Pdf Editor, Foxit Reader 2026-07-10 6.1 Medium
An abnormal image object causes the renderer to enter the wrong processing branch. When converting the scan lines, an invalid image buffer pointer is used, resulting in the application crashing.
CVE-2026-57251 1 Foxitsoftware 2 Foxit Pdf Editor, Foxit Reader 2026-07-10 7.8 High
The application opens a PDF, but the cloud-like appearance of the construction process lacks proper setting of an upper limit and consistency checks. Out-of-bounds access to the underlying array is exposed, ultimately leading to a crash of the application.
CVE-2026-57246 1 Foxitsoftware 2 Foxit Pdf Editor, Foxit Reader 2026-07-10 7.8 High
When dealing with abnormally constructed objects, there is a lack of argument validation; JavaScript triggers signature verification, but the signature plugin does not perform validation when copying the abnormal string, causing the application to crash.
CVE-2026-57243 1 Foxitsoftware 2 Foxit Pdf Editor, Foxit Reader 2026-07-10 6.1 Medium
During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash.
CVE-2026-57241 1 Foxitsoftware 2 Foxit Pdf Editor, Foxit Reader 2026-07-10 6.1 Medium
The application opens the PDF, and JavaScript performs operations on the page and the document, causing the page-related objects within the application to lose synchronization; however, the renderer still trusts the outdated page count, and eventually the application crashes due to out-of-bounds access.