Lucene search
K

24 matches found

Circl
Circl
added 4 days ago11 views

CVE-2026-11586

creationtimestamp| type| source ---|---|--- 2026-07-03 21:32:37+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mprioxws2j2w...

7.5CVSS5.9AI score0.00206EPSS
Exploits0References1
Debian CVE
Debian CVE
added 4 days ago6 views

CVE-2026-11586

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...

7.5CVSS6AI score0.00206EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

Curl 8.16.0 < 8.21.0 WebSocket Auto-PONG Memory Exhaustion

The version of curl installed on the remote host is 8.16.0 prior to 8.21.0. It is, therefore, affected by a denial of service vulnerability: - Because curl lacks an upper bound on memory allocation for unacknowledged WebSocket frames, a malicious server can exhaust all available memory by floodin...

7.5CVSS5.8AI score0.00206EPSS
Exploits0References2
Wolfi
Wolfi
added 2026/01/14 7:48 p.m.8 views

CVE-2024-11586 vulnerabilities

Vulnerabilities for packages: pulseaudio...

4CVSS7AI score0.00295EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:10 p.m.7 views

CVE-2020-11586

An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that contains malicious XML DTD data...

9.8CVSS7.1AI score0.01247EPSS
Exploits1References1
NVD
NVD
added 2024/11/23 3:15 a.m.12 views

CVE-2024-11586

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected...

4CVSS0.00295EPSS
Exploits0References2
OSV
OSV
added 2024/11/23 3:15 a.m.4 views

AZL-53525 CVE-2024-11586 affecting package pulseaudio 16.1-2

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected...

4CVSS5.7AI score0.00295EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/11/23 3:15 a.m.11 views

CVE-2024-11586

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected...

4CVSS5.8AI score0.00295EPSS
Exploits0References1
Circl
Circl
added 2024/11/23 2:25 a.m.7 views

CVE-2024-11586

creationtimestamp| type| source ---|---|--- 2024-11-23 02:25:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113529895114901796...

4CVSS6.9AI score0.00295EPSS
Exploits0References1
OSV
OSV
added 2022/12/12 6:15 a.m.8 views

AZL-11586 CVE-2022-46908 affecting package sqlite for versions less than 3.39.2-2

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...

7.3CVSS6.8AI score0.00425EPSS
Exploits1References1
CVE
CVE
added 2020/04/06 9:35 p.m.71 views

CVE-2020-11586

CIPPlanner CIPAce 9.1 Build 2019092801 is affected by an XXE in the API that accepts XML DTD data. An unauthenticated, network-based attacker can exploit this via crafted XML requests. CVSSv3.1/2.0 scores indicate High to Critical impact on confidentiality, integrity, and availability (base 9.8, ...

9.8CVSS9.4AI score0.01247EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.33 views

Atlassian JIRA 7.13.x < 7.13.6 / 8.x < 8.2.3 / 8.3.x < 8.3.2 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is potentially affected by multiple vulnerabilities: - An open redirect vulnerability exists in the startup.jsp resource. An unauthenticated, remote attacker can exploit this via the...

6.5CVSS5.8AI score0.01217EPSS
Exploits0References10
Atlassian
Atlassian
added 2019/08/09 3:51 a.m.57 views

The AddResolution.jspa resource was vulnerable to CSRF - CVE-2019-11586

The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...

4.3CVSS6.1AI score0.00647EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/08/09 3:51 a.m.32 views

The AddResolution.jspa resource was vulnerable to CSRF - CVE-2019-11586

The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...

4.3CVSS6.1AI score0.00647EPSS
Exploits0
Circl
Circl
added 2018/06/06 11:16 p.m.4 views

CVE-2018-11586

creationtimestamp| type| source ---|---|--- 2018-06-06 23:16:17+00:00| published-proof-of-concept| https://t.me/cKure/66...

9.8CVSS8.7AI score0.1517EPSS
Exploits5References1
Cvelist
Cvelist
added 2018/06/05 9:0 p.m.15 views

CVE-2018-11586

XML external entity XXE vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...

9.3AI score0.1517EPSS
Exploits5References3
CVE
CVE
added 2018/06/05 9:0 p.m.63 views

CVE-2018-11586

The CVE-2018-11586 entry describes an XML External Entity (XXE) vulnerability in SearchBlox 8.6.7, specifically in api/rest/status. The root cause is improper XML parsing that allows a crafted DTD to cause remote file disclosure and server-side request forgery (SSRF), enabling remote unauthentica...

9.8CVSS9.2AI score0.1517EPSS
Exploits5References3Affected Software1
Packet Storm
Packet Storm
added 2018/06/04 12:0 a.m.57 views

SearchBlox 8.6.7 XML External Entity Injection

Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity OOB-XXE Exploit Author: Ahmet GUREL, Canberk BOLAT Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.7 Platform: Java Tested on: Windows CVE: CVE-2018-11586 1. DETAILS An XML External Entity attack is a typ...

9.7AI score0.1517EPSS
Exploits5
0day.today
0day.today
added 2018/06/04 12:0 a.m.86 views

SearchBlox 8.6.7 - XML External Entity Injection Vulnerability

Exploit for java platform in category web applications Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity OOB-XXE Exploit Author: Ahmet GUREL, Canberk BOLAT Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.7 Platform: Java Tested on: Windows CVE:...

0.1517EPSS
Exploits5
exploitpack
exploitpack
added 2018/06/04 12:0 a.m.34 views

SearchBlox 8.6.7 - XML External Entity Injection

SearchBlox 8.6.7 - XML External Entity Injection Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity OOB-XXE Exploit Author: Ahmet GUREL, Canberk BOLAT Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.7 Platform: Java Tested on: Windows CVE: CVE-2018-11586 ...

7.5CVSS9.9AI score0.1517EPSS
Exploits5
Rows per page
Query Builder