24 matches found
CVE-2026-11586
creationtimestamp| type| source ---|---|--- 2026-07-03 21:32:37+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mprioxws2j2w...
CVE-2026-11586
By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...
Curl 8.16.0 < 8.21.0 WebSocket Auto-PONG Memory Exhaustion
The version of curl installed on the remote host is 8.16.0 prior to 8.21.0. It is, therefore, affected by a denial of service vulnerability: - Because curl lacks an upper bound on memory allocation for unacknowledged WebSocket frames, a malicious server can exhaust all available memory by floodin...
CVE-2024-11586 vulnerabilities
Vulnerabilities for packages: pulseaudio...
CVE-2020-11586
An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that contains malicious XML DTD data...
CVE-2024-11586
Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected...
AZL-53525 CVE-2024-11586 affecting package pulseaudio 16.1-2
Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected...
CVE-2024-11586
Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected...
CVE-2024-11586
creationtimestamp| type| source ---|---|--- 2024-11-23 02:25:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113529895114901796...
AZL-11586 CVE-2022-46908 affecting package sqlite for versions less than 3.39.2-2
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...
CVE-2020-11586
CIPPlanner CIPAce 9.1 Build 2019092801 is affected by an XXE in the API that accepts XML DTD data. An unauthenticated, network-based attacker can exploit this via crafted XML requests. CVSSv3.1/2.0 scores indicate High to Critical impact on confidentiality, integrity, and availability (base 9.8, ...
Atlassian JIRA 7.13.x < 7.13.6 / 8.x < 8.2.3 / 8.3.x < 8.3.2 Multiple Vulnerabilities
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is potentially affected by multiple vulnerabilities: - An open redirect vulnerability exists in the startup.jsp resource. An unauthenticated, remote attacker can exploit this via the...
The AddResolution.jspa resource was vulnerable to CSRF - CVE-2019-11586
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...
The AddResolution.jspa resource was vulnerable to CSRF - CVE-2019-11586
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...
CVE-2018-11586
creationtimestamp| type| source ---|---|--- 2018-06-06 23:16:17+00:00| published-proof-of-concept| https://t.me/cKure/66...
CVE-2018-11586
XML external entity XXE vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...
CVE-2018-11586
The CVE-2018-11586 entry describes an XML External Entity (XXE) vulnerability in SearchBlox 8.6.7, specifically in api/rest/status. The root cause is improper XML parsing that allows a crafted DTD to cause remote file disclosure and server-side request forgery (SSRF), enabling remote unauthentica...
SearchBlox 8.6.7 XML External Entity Injection
Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity OOB-XXE Exploit Author: Ahmet GUREL, Canberk BOLAT Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.7 Platform: Java Tested on: Windows CVE: CVE-2018-11586 1. DETAILS An XML External Entity attack is a typ...
SearchBlox 8.6.7 - XML External Entity Injection Vulnerability
Exploit for java platform in category web applications Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity OOB-XXE Exploit Author: Ahmet GUREL, Canberk BOLAT Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.7 Platform: Java Tested on: Windows CVE:...
SearchBlox 8.6.7 - XML External Entity Injection
SearchBlox 8.6.7 - XML External Entity Injection Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity OOB-XXE Exploit Author: Ahmet GUREL, Canberk BOLAT Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.7 Platform: Java Tested on: Windows CVE: CVE-2018-11586 ...