Lucene search
K

515645 matches found

NVD
NVD
added 2 hours ago4 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS
Exploits0References1
CVE
CVE
added 2 hours ago6 views

CVE-2026-40140

BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting...

8.7CVSS6AI score
Exploits0References1
NVD
NVD
added 3 hours ago5 views

CVE-2026-58380

A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption,...

7.3CVSS
Exploits0References4
NVD
NVD
added 3 hours ago4 views

CVE-2026-13698

A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers with a valid tls-crypt-v2 client key to potentially cause a denial of service...

6CVSS
Exploits0References1
Cvelist
Cvelist
added 3 hours ago6 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS
Exploits0References1
CVE
CVE
added 3 hours ago9 views

CVE-2026-13122

Summary: CVE-2026-13122 affects OpenVPN up to v2.6.20 and v2.7.4 (including 2.7_alpha1–2.7.4). A malformed authentication token, when external-auth is enabled, can trigger a reachable assertion and cause a denial of service. Impact: Denial of service; vulnerability affects remote attacker exploit...

5.9CVSS6AI score
Exploits0References1
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-41880

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 hours ago4 views

CVE-2026-13698

A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers with a valid tls-crypt-v2 client key to potentially cause a denial of service...

6CVSS6AI score
Exploits0References2Affected Software1
Cvelist
Cvelist
added 4 hours ago4 views

CVE-2026-13698

A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers with a valid tls-crypt-v2 client key to potentially cause a denial of service...

6CVSS
Exploits0References1
CVE
CVE
added 4 hours ago10 views

CVE-2026-13698

CVE-2026-13698 affects OpenVPN across multiple branches (2.5.0–2.5.11, 2.6.0–2.6.20, 2.7_alpha1–2.7.4). The issue is a memory leak that can be triggered by remote attackers possessing a valid tls-crypt-v2 client key, potentially causing denial of service. FreeBSD/Nessus and OSV entries indicate O...

6CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 hours ago5 views

CVE-2026-58380

A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption,...

7.3CVSS6.3AI score
Exploits0References5
Cvelist
Cvelist
added 4 hours ago5 views

CVE-2026-58380 Gimp: gimp: stack buffer overflow in pnmscanner_gettoken()

A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption,...

7.3CVSS
Exploits0References4
EUVD
EUVD
added 4 hours ago2 views

EUVD-2026-41875

A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption,...

7.3CVSS6.3AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 5 hours ago4 views

CVE-2026-14760

A flaw was found in radareorg radare2. This vulnerability, a use-after-free, affects the regprofile Handler component. A local attacker can exploit this flaw by performing a specific manipulation, which could lead to a denial of service, making the application unavailable. Mitigation To mitigate...

4.8CVSS5.9AI score
Exploits0References10
RedHat Linux
RedHat Linux
added 5 hours ago6 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 5 hours ago5 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS6.8AI score0.01945EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 5 hours ago6 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS7.1AI score0.00615EPSS
Exploits0References8
EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-41873

Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in ireadjpegwiol. ireadjpegwiol walks the marker list libjpeg returns and, for each APP13 marker, allocates a new buffer with iptcitext = mymalloc... and overwrites the previous...

6.1AI score
Exploits0References2
CVE
CVE
added 6 hours ago5 views

CVE-2026-13708

Affected software: Imager::File::JPEG (Perl). Vulnerability: In i_readjpeg_wiol, for each APP13 marker encountered while reading a JPEG, a new buffer is allocated and assigned to *iptc_itext without freeing the previous buffer. The final payload is converted to a Perl scalar and freed, but the ea...

6.1AI score
Exploits0References2
NVD
NVD
added 7 hours ago7 views

CVE-2026-58226

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS
Exploits0References4
Rows per page
Query Builder