Lucene search
K

2254 matches found

vulnersOsv
vulnersOsv
added 2026/05/07 12:20 a.m.13 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +3625 more potentially affected by CVE-2026-42583 via io.netty:netty-codec-compression (>=4.2.0.Alpha3 <=4.2.12.Final)

io.netty:netty-codec-compression MAVEN version =4.2.0.Alpha3, =0.1.0, =0.1.0, =4.7.4, =4.7.4, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42583 Source advisory: OSV:GHSA-MJ4R-2HFC-F8P6...

7.5CVSS6.7AI score0.00429EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/05/06 11:34 p.m.10 views

CVE-2026-43258

A flaw was found in the Linux kernel, specifically affecting Alpha systems when memory compaction is enabled. Insufficient Translation Lookaside Buffer TLB shootdown during page migration can lead to sporadic user-space crashes and heap corruption. This vulnerability can result in application...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.23 views

EUVD-2026-27817

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

5.8AI score0.00138EPSS
Exploits0References5
NVD
NVD
added 2026/05/06 12:16 p.m.56 views

CVE-2026-43258

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

7.8CVSS0.00138EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.51 views

CVE-2026-43258 alpha: fix user-space corruption during memory compaction

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

7.8CVSS0.00138EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.8 views

CVE-2026-43258

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

5.8AI score0.00138EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/06 11:28 a.m.25 views

CVE-2026-43258

CVE-2026-43258 concerns the Linux kernel: on Alpha systems, memory compaction can trigger user-space crashes and heap corruption due to insufficient TLB shootdown during page migration. Root cause involves ASN rollover and stale instruction translations surviving migration. The fix introduces a m...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37598

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Alpha systems may experience sporadic user-space crashes and heap corruption when memory compaction is enabled. This issue is caused by insufficient TLB Translation Lookaside Buffer...

7.8CVSS5.5AI score0.00138EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient TLB invalidation during memory compression in the Alpha architecture. This...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is...

7.8CVSS7AI score0.00138EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/05 9:57 p.m.8 views

Memory Allocation with Excessive Size Value

Overview OpenTelemetry.OpAmp.Client is an OpAMP Client for OpenTelemetry .NET Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value through the PlainHttpTransport response handling in the OpAMP HTTP transport. An attacker can force the client to allocate...

8.2CVSS5.9AI score0.00311EPSS
Exploits0References2
OSV
OSV
added 2026/04/30 3:30 p.m.21 views

GHSA-HM32-HFMW-RHVG Keycloak has a Forced Browsing issue

When Keycloak is started with --features-disabled=account,account-api, the Account REST API is only partially disabled. Five endpoints under the versioned path /account/v1alpha1 remain fully functional — including both read and write operations — because they lack the checkAccountApiEnabled gate...

5.4CVSS5.8AI score0.00232EPSS
Exploits0References10
CVE
CVE
added 2026/04/30 2:53 p.m.22 views

CVE-2026-7500

CVE-2026-7500 affects Keycloak server when started with --features-disabled=account,account-api. Affected component: Account REST API under /account/v1alpha1. Root cause: five endpoints remain fully functional because they lack the checkAccountApiEnabled() gate that blocks four other endpoints in...

5.4CVSS5.3AI score0.00232EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/04/30 2:53 p.m.17 views

EUVD-2026-26381

When Keycloak is started with --features-disabled=account,account-api, the Account REST API is only partially disabled. Five endpoints under the versioned path /account/v1alpha1 remain fully functional — including both read and write operations — because they lack the checkAccountApiEnabled gate...

5.4CVSS5.3AI score0.00232EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/28 6:30 a.m.8 views

BigSweetPotatoStudio HyperChat has a Server-Side Request Forgery issue

A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the component AI Proxy Middleware. Such manipulation of the argument baseurl leads to server-side request...

7.5CVSS6.8AI score0.00278EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/04/28 4:0 a.m.3 views

EUVD-2026-25980

A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the component AI Proxy Middleware. Such manipulation of the argument baseurl leads to server-side request...

7.5CVSS7.1AI score0.00278EPSS
Exploits0References5
OSV
OSV
added 2026/04/24 8:29 p.m.8 views

CLSA-2026-1777059908 binutils: Fix of 4 CVEs

CVE-2022-47673: fix out-of-bounds reads in parsemodule bfd/vms-alpha.c, combined backport of upstream commits c9178f28, 942fa4fb, 77c225bd, 65cf035b and c093f5ee patch also covers CVE-2023-25584 - CVE-2022-47695: fix segfault in objdump comparesymbols on synthetic plt symbols - CVE-2022-47696:...

7.8CVSS6.7AI score0.00461EPSS
Exploits3References1
OSV
OSV
added 2026/04/24 4:15 p.m.5 views

GHSA-VVF7-6RMR-M29Q Dgraph: Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars

Summary Dgraph v25.3.2 still exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "token=..." startup flag, an unauthenticated attacker can retrieve that token and replay it in the...

9.8CVSS5.8AI score0.02187EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/24 4:15 p.m.11 views

Dgraph: Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars

Summary Dgraph v25.3.2 still exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "token=..." startup flag, an unauthenticated attacker can retrieve that token and replay it in the...

9.8CVSS5.5AI score0.02187EPSS
Exploits1References4Affected Software3
vulnersOsv
vulnersOsv
added 2026/04/24 12:19 p.m.8 views

org.apache.dolphinscheduler:dolphinscheduler-alert-server (>=3.2.1 <=3.3.0-alpha), org.apache.dolphinscheduler:dolphinscheduler-extract-alert (>=3.2.1 <=3.3.0-alpha) +13 more potentially affected by CVE-2025-62233 via org.apache.dolphinscheduler:dolphinscheduler-extract-base (>=3.2.1 <=3.3.0-alpha)

org.apache.dolphinscheduler:dolphinscheduler-extract-base MAVEN version =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.3.0-alpha - o...

6.3CVSS5.8AI score0.00537EPSS
Exploits0
Rows per page
Query Builder