Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.9 views

CVE-2026-42348

OpenTelemetry.OpAmp.Client is the OpAMP client for OpenTelemetry .NET. Prior to 0.2.0-alpha.1, when receiving responses from the OpAMP server over HTTP, the OpAMP client allocates an unbounded buffer to read all bytes from the server, with no upper-bound on the number of bytes consumed. This coul...

7.5CVSS5.7AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.10 views

CVE-2026-43916

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

8.7CVSS5.7AI score0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 6:1 p.m.7 views

CVE-2026-42348 OpAMP client reads unbounded HTTP response bodies

OpenTelemetry.OpAmp.Client is the OpAMP client for OpenTelemetry .NET. Prior to 0.2.0-alpha.1, when receiving responses from the OpAMP server over HTTP, the OpAMP client allocates an unbounded buffer to read all bytes from the server, with no upper-bound on the number of bytes consumed. This coul...

5.9CVSS5.9AI score0.00311EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 6:1 p.m.18 views

CVE-2026-42348

OpenTelemetry.OpAmp.Client (OpenTelemetry .NET) is affected before version 0.2.0-alpha.1. The HTTP transport reads HttpResponseMessage.Content into memory using ReadAsByteArrayAsync without a size cap, allowing an unbounded read of the entire response body. This can cause memory exhaustion in the...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/12 6:1 p.m.59 views

CVE-2026-42348 OpAMP client reads unbounded HTTP response bodies

OpenTelemetry.OpAmp.Client is the OpAMP client for OpenTelemetry .NET. Prior to 0.2.0-alpha.1, when receiving responses from the OpAMP server over HTTP, the OpAMP client allocates an unbounded buffer to read all bytes from the server, with no upper-bound on the number of bytes consumed. This coul...

5.9CVSS0.00311EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 1:31 p.m.30 views

CVE-2026-43916 pam_authnft: Heap buffer overflow in NETLINK_SOCK_DIAG reply walker

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

8.7CVSS0.00263EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40031

pam authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peer lookup tcp src/peer lookup.c:134, prior to the fix allowed a crafted NETLINK SOCK DIAG reply to slip past the message-size check...

8.7CVSS5.9AI score0.00263EPSS
Exploits0References3
CNVD
CNVD
added 2020/06/24 12:0 a.m.1 views

Py-EVM Security Vulnerability

Py-EVM is a Python-based implementation of an Ethernet virtual machine. A security vulnerability exists in Py-EVM version 0.2.0-alpha.33. An attacker can exploit the vulnerability to cause a denial of service...

6.8AI score
Exploits0References1
CNVD
CNVD
added 2018/11/13 12:0 a.m.3 views

Py-EVM Denial of Service Vulnerability

Py-EVM is a Python-based implementation of an Ethernet virtual machine. A denial of service vulnerability exists in Py-EVM version 0.2.0-alpha.33, which can be exploited by an attacker to cause a denial of service...

8.8CVSS8.3AI score0.02901EPSS
Exploits1References1
Rows per page
Query Builder