584 matches found

NVD
added 2 days ago | 4 views

CVE-2026-56148

Uncontrolled Recursion (CWE-674) in Elasticsearch can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

CVSS 6.5
Exploits: 0 | References: 1

EUVD
added 2 days ago | 5 views

EUVD-2026-41065

Uncontrolled Recursion (CWE-674) in Elasticsearch can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

CVSS 6.5 | AI score 5.8
Exploits: 0 | References: 1

ATTACKERKB
added 2 days ago | 4 views

CVE-2026-56148

Uncontrolled Recursion (CWE-674) in Elasticsearch can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

CVSS 6.5 | AI score 5.8
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 3 days ago | 6 views

CVE-2026-44628

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

CVSS 8.7 | EPSS 0.00395
Exploits: 0 | References: 3

EUVD
added 3 days ago | 4 views

EUVD-2026-40412

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

CVSS 8.7 | AI score 5.8 | EPSS 0.00395
Exploits: 0 | References: 3

Cvelist
added 3 days ago | 32 views

CVE-2026-44628 OFFIS DCMTK Toolkit Type Confusion

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

CVSS 8.7 | EPSS 0.00395
Exploits: 0 | References: 3

CVE
added 3 days ago | 10 views

CVE-2026-44628

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

CVSS 8.7 | AI score 5.8 | EPSS 0.00395
Exploits: 0 | References: 3

CVE
added 2026/06/23 12:0 a.m. | 11 views

CVE-2025-61023

The CVE-2025-61023 entry concerns openlink virtuoso-opensource, specifically the st_compare component in version 7.2.11. Multiple connected sources confirm that a flaw in st_compare can be exploited by sending crafted SQL statements, resulting in a Denial of Service (DoS) that can render the serv...

CVSS 7.5 | AI score 5.9 | EPSS 0.00482
Exploits: 0 | References: 4

Cvelist
added 2026/06/23 12:0 a.m. | 33 views

CVE-2025-61028

An issue in the timettodt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

EPSS 0.00482
Exploits: 0 | References: 1

AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerability in PostgreSQL 11

A flaw was discovered in PostgreSQL. A specially crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can carry out this attack at will. The attack does not require the ability to create objects. If the server settings include...

CVSS 6.5 | AI score 6.9 | EPSS 0.0142
Exploits: 0 | References: 2

IBM Security Bulletins
added 2026/06/18 2:38 p.m. | 3 views

Security Bulletin: IBM® Db2® is vulnerable to a trap or return SQLCODE -901 when compiling a specially crafted query with a defined index (CVE-2026-1352)

Summary IBM® Db2® is vulnerable to a trap or return SQLCODE -901 when compiling a specially crafted query with a defined index. Vulnerability Details CVEID:CVE-2026-1352 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server...

CVSS 6.5 | AI score 5.3 | EPSS 0.00328
Exploits: 0 | Affected Software: 1

RedhatCVE
added 2026/06/05 7:32 p.m. | 14 views

CVE-2026-6051

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

CVSS 7.5 | AI score 5.4 | EPSS 0.00177
Exploits: 0 | References: 1

RedhatCVE
added 2026/06/05 7:19 p.m. | 9 views

CVE-2026-1718

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled...

CVSS 7.5 | AI score 5.4 | EPSS 0.00362
Exploits: 0 | References: 1

RedhatCVE
added 2026/06/04 11:57 a.m. | 15 views

CVE-2026-30923

A flaw was found in libModSecurity3, a component of the ModSecurity web application firewall (WAF). An attacker can exploit a segmentation fault by sending a specially crafted query string parameter containing a single character, which is then processed by a rule using the t:hexDecode transformatio...

CVSS 8.2 | AI score 5.7 | EPSS 0.00435
Exploits: 1 | References: 5

CVE
added 2026/06/04 12:0 a.m. | 19 views

CVE-2026-35906

CVE-2026-35906 affects T3 Technology CPE models T625Pro v1.0.07 and T6825G v1.0.03. The vulnerability stems from an undocumented debug CGI endpoint that is accessible without authentication, allowing an attacker to supply a crafted HTTP query string to execute arbitrary commands with root privile...

CVSS 9.6 | AI score 6.1 | EPSS 0.00466
Exploits: 1 | References: 4

Tenable Nessus
added 2026/06/03 12:0 a.m. | 14 views

Linux Distros Unpatched Vulnerability : CVE-2026-44574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect...

CVSS 8.1 | AI score 5.8 | EPSS 0.00449
Exploits: 2 | References: 2

Positive Technologies
added 2026/05/28 12:0 a.m. | 14 views

PT-2026-47181

Albatross-console doesn't properly terminate when looping over the ringbuffer. This leads to denial of service and memory exhaustion. Scenario: A user that has access to albatross-console either via the unix domain socket (requires root:albatross by default) or via albatross-tls-endpoint (requires a...

CVSS 7.1 | AI score 5.7
Exploits: 0 | References: 2

RedhatCVE
added 2026/05/27 8:13 p.m. | 13 views

CVE-2025-36122

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources...

CVSS 6.5 | AI score 5.8 | EPSS 0.00245
Exploits: 0 | References: 1

NVD
added 2026/05/27 2:17 p.m. | 19 views

CVE-2026-6051

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

CVSS 7.5 | EPSS 0.00177
Exploits: 0 | References: 1

NVD
added 2026/05/27 2:16 p.m. | 16 views

CVE-2026-1718

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled...

CVSS 7.5 | EPSS 0.00362
Exploits: 0 | References: 1