Lucene search
K

22 matches found

OSV
OSV
added 2026/06/15 4:19 p.m.5 views

USN-8430-1 adsys vulnerabilities

It was discovered that ADSys did not properly handle certain HTTP/2 frames. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 26.04 LTS. CVE-2026-27141 It was discovered that ADSys did not properly handle certain HTTP/2 SETTINGS frames. ...

7.5CVSS7.9AI score0.00781EPSS
Exploits0References3
OSV
OSV
added 2026/04/01 9:27 a.m.14 views

CLEANSTART-2026-VS17175 Security fixes for CVE-2026-24051, CVE-2026-27139, CVE-2026-27141, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 3.6.0-r3

Multiple security vulnerabilities affect the fluent-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS6.9AI score0.01557EPSS
Exploits1References11
OSV
OSV
added 2026/04/01 9:20 a.m.3 views

CLEANSTART-2026-YM45607 Security fixes for CVE-2025-53547, CVE-2025-55198, CVE-2025-55199, CVE-2026-27141, CVE-2026-33186, ghsa-557j-xg8c-q2mm, ghsa-9h84-qmv7-982p, ghsa-f6x5-jh6r-wrfv, ghsa-f9f8-9pmf-xv68, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 2.14.2-r0, 2.14.2-r1, 2.14.2-r2

Multiple security vulnerabilities affect the harbor package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS7.3AI score0.01557EPSS
Exploits2References17
OSV
OSV
added 2026/03/12 2:48 p.m.8 views

GHSA-4HJQ-9H5C-252J Traefik: HTTP/2 frames can cause a running server to panic

Summary More Details: - https://nvd.nist.gov/vuln/detail/CVE-2026-27141 - https://pkg.go.dev/golang.org/x/net/http2?tab=versions Patches - https://github.com/traefik/traefik/releases/tag/v3.6.10 - https://github.com/traefik/traefik/releases/tag/v2.11.40 For more information If you have any...

7.7CVSS5.8AI score
Exploits0References4
Chainguard
Chainguard
added 2026/03/03 7:17 a.m.9 views

CVE-2026-27141 vulnerabilities

Vulnerabilities for packages: splunk-otel-collector, buildkite-agent-fips, terraform-provider-acme, cluster-api-azure-controller, apache-beam-python-3.13-sdk, apm-server, nemo, apache-beam-python-3.11-sdk, kube-rbac-proxy, flux-source-watcher-fips, crossplane-provider-aws-memorydb,...

7.5CVSS7.1AI score0.00501EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-27141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic CVE-2026-27141 Note that Nessus relies on the presence of the...

7.5CVSS7.3AI score0.00501EPSS
Exploits0References2
Circl
Circl
added 2026/02/28 10:1 a.m.5 views

CVE-2026-27141

creationtimestamp| type| source ---|---|--- 2026-02-28 10:01:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfvxrxbj4j2c 2026-03-13 01:20:01+00:00| seen| https://bsky.app/profile/dbt3.ch/post/3mgvqpkdona2m 2026-03-16 00:00:00+00:00| seen|...

7.5CVSS7.3AI score0.00501EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/27 10:37 p.m.5 views

CVE-2026-27141

A flaw was found in golang.org/x/net/http2. A remote attacker can exploit this vulnerability by sending specially crafted HTTP/2 frames, which are data packets used in the HTTP/2 protocol. Due to a missing check for null values, processing these specific frames types 0x0a through 0x0f can cause t...

7.5CVSS7AI score0.00501EPSS
Exploits0References6
OSV
OSV
added 2026/02/26 8:31 p.m.6 views

AZL-78680 CVE-2026-27141 affecting package azurelinux-image-tools 1.2.0-1

Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...

7.5CVSS7.4AI score0.00501EPSS
Exploits0References1
NVD
NVD
added 2026/02/26 8:31 p.m.10 views

CVE-2026-27141

Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...

7.5CVSS0.00501EPSS
Exploits0References4
OSV
OSV
added 2026/02/26 8:31 p.m.8 views

AZL-78653 CVE-2026-27141 affecting package azl-otel-collector 0.127.0-1

Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...

7.5CVSS7.4AI score0.00501EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.7 views

CVE-2021-27141

An issue was discovered on FiberHome HG6245D devices through RP2613. Credentials in /fhconf/umconfig.txt are obfuscated via XOR with the hardcoded j7aLyZ98sSd5HfSgGjMj8;Ss;d&^@$a2s0i3g key. The webs binary has details on how XOR is used...

9.8CVSS7AI score0.158EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/24 12:30 a.m.5 views

EUVD-2025-204993

Soda PDF Desktop PDF File Parsing Memory Corruption Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Soda PDF Desktop. User interaction is required to exploit this vulnerability in that the target must...

3.3CVSS5.2AI score0.00147EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/26 10:18 p.m.18 views

CVE-2025-27141

Metabase Enterprise Edition is the enterprise version of Metabase business intelligence and data analytics software. Starting in version 1.47.0 and prior to versions 1.50.36, 1.51.14, 1.52.11, and 1.53.2 of Metabase Enterprise Edition, users with impersonation permissions may be able to see resul...

6.5CVSS6.6AI score0.00336EPSS
Exploits0References1
Circl
Circl
added 2025/02/24 10:22 p.m.5 views

CVE-2025-27141

creationtimestamp| type| source ---|---|--- 2025-02-24 22:22:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5230 2025-02-25 00:39:07+00:00| seen| https://t.me/cvedetector/18832 2025-03-02 11:45:37+00:00| seen| Telegram/tEVz3iKe6Q4BOdDA0KUiMoHmAZLffmp5yNY42hgU3f3m2tcj...

6.5CVSS5.3AI score0.00336EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/24 10:5 p.m.19 views

CVE-2025-27141 Metabase Enterprise Edition allows cached questions to leak data to impersonated users

Metabase Enterprise Edition is the enterprise version of Metabase business intelligence and data analytics software. Starting in version 1.47.0 and prior to versions 1.50.36, 1.51.14, 1.52.11, and 1.53.2 of Metabase Enterprise Edition, users with impersonation permissions may be able to see resul...

4.8CVSS6.3AI score0.00336EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/24 10:5 p.m.24 views

CVE-2025-27141 Metabase Enterprise Edition allows cached questions to leak data to impersonated users

Metabase Enterprise Edition is the enterprise version of Metabase business intelligence and data analytics software. Starting in version 1.47.0 and prior to versions 1.50.36, 1.51.14, 1.52.11, and 1.53.2 of Metabase Enterprise Edition, users with impersonation permissions may be able to see resul...

4.8CVSS0.00336EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/14 2:21 a.m.18 views

CVE-2024-27141 Pre-authenticated Time-Based Blind XXE injection

Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity XXE vulnerability. An attacker can DoS the printers by sending a HTTP request without authentication. A...

5.9CVSS6.9AI score0.01115EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/06/14 2:21 a.m.23 views

CVE-2024-27141 Pre-authenticated Time-Based Blind XXE injection

Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity XXE vulnerability. An attacker can DoS the printers by sending a HTTP request without authentication. A...

5.9CVSS0.01115EPSS
Exploits1References4
NVD
NVD
added 2021/02/10 7:15 p.m.25 views

CVE-2021-27141

An issue was discovered on FiberHome HG6245D devices through RP2613. Credentials in /fhconf/umconfig.txt are obfuscated via XOR with the hardcoded j7aLyZ98sSd5HfSgGjMj8;Ss;d&^@$a2s0i3g key. The webs binary has details on how XOR is used...

9.8CVSS0.158EPSS
Exploits1References1
Rows per page
Query Builder