Lucene search
K

10 matches found

OSV
OSV
added 2026/05/24 4:16 a.m.6 views

UBUNTU-CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/09/10 12:0 a.m.3 views

Neo4j MCP Clients & Servers 安全漏洞

Neo4j MCP Clients & Servers is a Neo4j Contrib open source protocol for managing large language model contexts. A security vulnerability exists in Neo4j MCP Clients & Servers version 0.3.0, which originates in the SSE service and could lead to the disclosure of sensitive information or the...

7.5CVSS6.6AI score0.00448EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/03/06 3:33 a.m.43 views

CVE-2024-24783

A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...

5.9CVSS6.9AI score0.00667EPSS
Exploits0References10
OSV
OSV
added 2023/02/28 6:15 p.m.5 views

AZL-13737 CVE-2022-41724 affecting package msft-golang for versions less than 1.19.6-1

Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session...

7.5CVSS6.6AI score0.01111EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.3 views

SUSE CVE-2007-3917

The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service crash via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the...

7.8CVSS6.9AI score0.02105EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 9:58 a.m.49 views

Security Bulletin: IBM Initiate Master Data Service, IBM InfoSphere Master Data Management are affected by the following OpenSSL vulnerabilities: (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients an...

6.8CVSS8AI score0.99977EPSS
Exploits14Affected Software1
RedHat Linux
RedHat Linux
added 2022/01/27 1:14 p.m.2 views

golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header

A vulnerability was detected in net/http of the Go standard library when parsing very large HTTP header values, causing a crash and subsequent denial of service. This vulnerability affects both clients and servers written in Go, however, servers are only vulnerable if the value of MaxHeaderBytes...

5.9CVSS7.1AI score0.03692EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 2:59 p.m.45 views

Security Bulletin: Vulnerability in IBM WebSphere Application Server affects Tivoli Workload Scheduler (CVE-2015-0138)

Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM embedded WebSphere Application Server that is used by Tivoli Workload Scheduler. Vulnerability Details CVEID: CVE-2015-0138 DESCRIPTION: A vulnerability in various IBM SSL/TLS...

4.3CVSS0.1AI score0.03239EPSS
Exploits0Affected Software1
OSV
OSV
added 2015/10/25 2:38 p.m.4 views

MGASA-2015-0409 Updated rsync packages fix security vulnerability

Michael Samuel discovered that rsync was vulnerable to checksum collisions. This could prevent rsync from running and syncing files successfully, which could break various applications that use and rely on rsync rhbz1197601. The patched rsync will now operate in a way that is not vulnerable to th...

6.9AI score
Exploits0References2
Cvelist
Cvelist
added 2007/10/11 10:0 a.m.24 views

CVE-2007-3917

The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service crash via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the...

6.2AI score0.02105EPSS
Exploits0References13
Rows per page
Query Builder