25 matches found
CVE-2026-26311 Envoy HTTP: filter chain execution on reset streams causing UAF crash
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager FilterManager that allows for Zombie Stream Filter Execution. This issue creates a "Use-After-Free" UAF or state-corruption window where...
CVE-2026-26311 Envoy HTTP: filter chain execution on reset streams causing UAF crash
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager FilterManager that allows for Zombie Stream Filter Execution. This issue creates a "Use-After-Free" UAF or state-corruption window where...
CVE-2026-26311
creationtimestamp| type| source ---|---|--- 2026-03-10 16:05:37+00:00| published-proof-of-concept| https://github.com/envoyproxy/envoy/security/advisories/GHSA-84xm-r438-86px...
CVE-2025-26311
Multiple memory leaks have been identified in the clip actions parsing functions parseSWFCLIPACTIONS and parseSWFCLIPACTIONRECORD in util/parser.c of libming v0.4.8, which allow attackers to cause a denial of service via a crafted SWF file...
CVE-2025-26311
Multiple memory leaks have been identified in the clip actions parsing functions parseSWFCLIPACTIONS and parseSWFCLIPACTIONRECORD in util/parser.c of libming v0.4.8, which allow attackers to cause a denial of service via a crafted SWF file...
CVE-2025-26311
Multiple memory leaks have been identified in the clip actions parsing functions parseSWFCLIPACTIONS and parseSWFCLIPACTIONRECORD in util/parser.c of libming v0.4.8, which allow attackers to cause a denial of service via a crafted SWF file...
CVE-2025-26311
Multiple memory leaks have been identified in the clip actions parsing functions parseSWFCLIPACTIONS and parseSWFCLIPACTIONRECORD in util/parser.c of libming v0.4.8, which allow attackers to cause a denial of service via a crafted SWF file...
CVE-2025-26311
CVE-2025-26311 affects libming v0.4.8. The vulnerability stems from memory leaks in the clip actions parsing functions (parseSWF_CLIPACTIONS and parseSWF_CLIPACTIONRECORD) in util/parser.c, allowing denial of service via a crafted SWF file. Connected sources confirm the existence of this issue ac...
SUSE CVE-2020-26311
Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no patches are available...
CVE-2020-26311
A flaw was found in Useragent package, a user agent parser for Node.js. Affected versions of this package contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. Mitigation Mitigation for this issue is either not available or the currently...
3dtoolkit-signal (>=1.1.0 <=2.1.0), 6to5 (>=3.0.16 <=3.6.5) +3745 more potentially affected by CVE-2020-26311 via useragent (>=0.1.2 <=2.3.0)
useragent NPM version =0.1.2, =1.1.0, =3.0.16, =0.0.1, =3.0.16, =0.0.1, =4.0.0, =0.0.15, =8.25.29, =0.2.0-alpha.1, =3.0.1, =1.0.54, =4.0.0, =5.0.13 - @adora-wallet/adoracore-build =8.25.10 and more Source cves: CVE-2020-26311 Source advisory: OSV:GHSA-MGFV-M47X-4WQP...
CVE-2020-26311
creationtimestamp| type| source ---|---|--- 2024-10-26 21:30:47+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-mgfv-m47x-4wqp 2024-10-27 00:00:59+00:00| seen| https://t.me/cvedetector/9038...
CVE-2020-26311
Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no patches are available...
CVE-2020-26311
Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no patches are available...
CVE-2020-26311
The CVE-2020-26311 entry concerns the Node.js Useragent parser. The connected sources confirm a Regular Expression Denial of Service (ReDoS) vulnerability caused by one or more part-regular expressions within the useragent package, affecting all versions at the time of publication. The impact is ...
CVE-2020-26311 GHSL-2020-312: Regular Expression Denial of Service (ReDoS) in useragent
Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no patches are available...
CVE-2020-26311 GHSL-2020-312: Regular Expression Denial of Service (ReDoS) in useragent
Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no patches are available...
CVE-2024-26311
creationtimestamp| type| source ---|---|--- 2024-02-21 21:31:55+00:00| seen| https://t.me/ctinow/190091 2024-02-21 21:36:37+00:00| seen| https://t.me/ctinow/190101 2024-02-22 21:27:18+00:00| seen| https://t.me/arpsyndicate/4057 2024-03-13 11:41:11+00:00| seen| https://t.me/ctinow/206586...
CVE-2024-26311
Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) is affected by a reflected XSS vulnerability. A remote authenticated Archer user could trick a victim application user into submitting malicious JavaScript to the vulnerable web app, which is then reflected back and executed in the browser conte...
CVE-2023-26311
creationtimestamp| type| source ---|---|--- 2023-08-10 14:15:50+00:00| seen| https://t.me/cibsecurity/68187...