7 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-54428
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows a...
CVE-2026-54428
Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2...
CVE-2026-54428
The CVE concerns Apache HttpComponents Core HPACK decoder: on HTTP/2, the HPACK decoder may allocate resources without limits or throttling, allowing a remote attacker to cause memory exhaustion and denial of service. Affected versions are 5.4.2 and earlier, and 5.5-beta1 and earlier. The issue o...
CVE-2026-54399
Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...
ai.acolite:openai-agent-sdk (>=0.1.0 <=0.4.0), ai.agentican:agentican-framework-core (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +11788 more potentially affected by CVE-2025-8671 via org.apache.httpcomponents.core5:httpcore5-h2 (>=5.0 <=5.3.4)
org.apache.httpcomponents.core5:httpcore5-h2 MAVEN version =5.0, =0.1.0, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.1, =0.0.4, =0.0.4, =1.0.0, =1.0.2 and more Source...
Vulnerabilities fixed in IBM DB2
IBM has fixed vulnerabilities in several DB2 products such as DB2, DB2 for Cloud Pak and Web Query for i. A malicious party could exploit the exploit the vulnerabilities to grant himself locally elevated privileges assigned arbitrary code and thus execute arbitrary code with potentially privilege...
SUSE CVE-2009-0023
The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...