❌

Lees weergave

CVE-2026-7774 tarfile.data_filter path traversal bypass allows writing outside the extraction directory

Microsoft Security

7 Juni 2026 om 10:03

Information published.

CVE-2026-3276 Potential DoS via quadratic complexity in unicodedata.normalize()

Microsoft Security

7 Juni 2026 om 10:03

Information published.

CVE-2026-8643 pip can extract console_scripts and gui_scripts outside installation directory

Microsoft Security

7 Juni 2026 om 10:03

Information published.

CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities

Microsoft Security

7 Juni 2026 om 10:02

Information published.

CVE-2026-43958 Rrdtool: rrdtool: stack buffer overflow allows local code execution or denial of service

Microsoft Security

7 Juni 2026 om 10:02

Information published.

CVE-2026-5419 Guntls: gnutls: information disclosure via timing side-channel in pkcs#7 padding removal

Microsoft Security

7 Juni 2026 om 10:02

Information published.

CVE-2026-27145 Inefficient candidate hostname parsing in crypto/x509

Microsoft Security

7 Juni 2026 om 10:02

Information published.

CVE-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto

Microsoft Security

7 Juni 2026 om 10:02

Information published.

CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime

Microsoft Security

7 Juni 2026 om 10:02

Information published.

CVE-2026-37460 Missing input validation in the rfapiRibBi2Ri() function (rfapi_rib.c) of FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.

Microsoft Security

7 Juni 2026 om 10:02

Information published.

CVE-2026-10722 cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow

Microsoft Security

7 Juni 2026 om 10:01

Information published.

CVE-2026-50219 libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation. Thus, a use-after-free can occur,

Microsoft Security

7 Juni 2026 om 10:01

Information published.

CVE-2026-11332 Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution

Microsoft Security

7 Juni 2026 om 10:01

Information published.