Lucene search
+L

591 matches found

ibm
ibm
added yesterday13 views

Security Bulletin: IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap (CVE-2026-6051)

Summary IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap. Vulnerability Details CVEID:CVE-2026-6051 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a...

7.5CVSS6.1AI score0.00177EPSS
Exploits0Affected Software1
redhat
redhat
added 2026/07/02 12:3 a.m.8 views

Next.js: Next.js: Authorization bypass via crafted query parameters

A flaw was found in Next.js. This vulnerability allows an attacker to bypass security checks in web applications that use Next.js middleware to protect specific web pages. By sending specially crafted web addresses, an attacker can access protected content without proper authorization. This could...

8.1CVSS5.9AI score0.00485EPSS
Exploits2References5
nvd
nvd
added 2026/07/01 5:16 p.m.7 views

CVE-2026-56148

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS0.00347EPSS
Exploits0References1
euvd
euvd
added 2026/07/01 4:17 p.m.9 views

EUVD-2026-41065

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS5.8AI score0.00347EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/01 4:17 p.m.6 views

CVE-2026-56148

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS5.8AI score0.00347EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2026/06/30 9:16 p.m.7 views

CVE-2026-44628

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

8.7CVSS0.00395EPSS
Exploits0References3
osv
osv
added 2026/06/30 9:16 p.m.3 views

DEBIAN-CVE-2026-44628

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

8.7CVSS6AI score0.00395EPSS
Exploits0References1
debiancve
debiancve
added 2026/06/30 8:54 p.m.5 views

CVE-2026-44628

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

8.7CVSS6AI score0.00395EPSS
Exploits0
euvd
euvd
added 2026/06/30 8:54 p.m.8 views

EUVD-2026-40412

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

8.7CVSS5.8AI score0.00395EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/30 8:54 p.m.34 views

CVE-2026-44628 OFFIS DCMTK Toolkit Type Confusion

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

8.7CVSS0.00395EPSS
Exploits0References3
osv
osv
added 2026/06/30 8:54 p.m.4 views

CVE-2026-44628 OFFIS DCMTK Toolkit Type Confusion

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

8.7CVSS6AI score0.00395EPSS
Exploits0References5
cve
cve
added 2026/06/30 8:54 p.m.31 views

CVE-2026-44628

CVE-2026-44628 corresponds to an OFFIS DCMTK Toolkit Type Confusion issue. An unauthenticated attacker can crash the worklist server by sending a single crafted query when the server has a valid Called AE Title/storage directory, the expected lockfile, and at least one matching worklist record. T...

8.7CVSS5.8AI score0.00395EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/30 12:0 a.m.16 views

PT-2026-53987

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated attacker can cause a crash of the worklist server by sending a single crafted query. This occurs when the server is configured with a valid...

8.7CVSS6AI score0.00395EPSS
Exploits0References8
osv
osv
added 2026/06/23 5:16 p.m.6 views

DEBIAN-CVE-2025-61027

An issue in the tsetpush component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References1
cve
cve
added 2026/06/23 12:0 a.m.17 views

CVE-2025-61023

The CVE-2025-61023 entry concerns openlink virtuoso-opensource, specifically the st_compare component in version 7.2.11. Multiple connected sources confirm that a flaw in st_compare can be exploited by sending crafted SQL statements, resulting in a Denial of Service (DoS) that can render the serv...

7.5CVSS5.9AI score0.00482EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/23 12:0 a.m.38 views

CVE-2025-61028

An issue in the timettodt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

0.00482EPSS
Exploits0References1
ibm
ibm
added 2026/06/18 2:38 p.m.3 views

Security Bulletin: IBM® Db2® is vulnerable to a trap or return SQLCODE -901 when compiling a specially crafted query with a defined index (CVE-2026-1352)

Summary IBM® Db2® is vulnerable to a trap or return SQLCODE -901 when compiling a specially crafted query with a defined index. Vulnerability Details CVEID:CVE-2026-1352 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server...

6.5CVSS5.3AI score0.00328EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2026/06/05 7:32 p.m.17 views

CVE-2026-6051

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

7.5CVSS5.4AI score0.00177EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:19 p.m.11 views

CVE-2026-1718

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled...

7.5CVSS5.4AI score0.00362EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/04 11:57 a.m.19 views

CVE-2026-30923

A flaw was found in libModSecurity3, a component of the ModSecurity web application firewall WAF. An attacker can exploit a segmentation fault by sending a specially crafted query string parameter containing a single character, which is then processed by a rule using the t:hexDecode transformatio...

8.2CVSS5.7AI score0.00435EPSS
Exploits1References5
Rows per page
Query Builder