Lucene search
K

514915 matches found

Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-24270

NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering...

9.8CVSS
Exploits0References3
Cvelist
Cvelist
added 1 hour ago2 views

CVE-2026-24266

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service...

5.9CVSS
Exploits0References3
Cvelist
Cvelist
added 1 hour ago2 views

CVE-2026-24264

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS
Exploits0References3
NVD
NVD
added 4 hours ago6 views

CVE-2026-14181

@fastify/middie versions 9.1.0 through 9.3.2 fail to guard the URL normalization step used by the standalone engine when incoming request paths contain malformed percent-encoded sequences. Inputs such as an incomplete percent escape or a truncated multibyte sequence cause the underlying decoder t...

7.5CVSS
Exploits0References2
RedHat Linux
RedHat Linux
added 5 hours ago3 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 5 hours ago3 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 5 hours ago3 views

crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service DoS for...

7.5CVSS0.00349EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 5 hours ago3 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS0.00615EPSS
Exploits0References8
CVE
CVE
added 5 hours ago8 views

CVE-2026-14181

CVE-2026-14181 affects @fastify/middie versions 9.1.0 through 9.3.2, where the URL normalization step in the standalone engine fails to sanitize malformed percent‑encoded sequences. Inputs such as incomplete escapes or truncated multibyte sequences cause the underlying decoder to throw synchronou...

7.5CVSS5.8AI score
Exploits0References2
NVD
NVD
added 5 hours ago8 views

CVE-2026-14258

A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser ...

6.5CVSS
Exploits0References4
RedHat Linux
RedHat Linux
added 5 hours ago2 views

axios: Axios: Denial of Service due to unenforced request and response size limits

A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or...

7.5CVSS0.0063EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 5 hours ago3 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.9CVSS0.0068EPSS
Exploits5References13
OSV
OSV
added 7 hours ago2 views

DEBIAN-CVE-2026-56363

ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash...

4.8CVSS5.8AI score
Exploits0References1
CVE
CVE
added 7 hours ago8 views

CVE-2026-14258

CVE-2026-14258 affects dhcpcd’s IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement with a zero-length ND option bypasses validation during packet storage and is reparsed with inadequate validation, causing the parser to enter a non-advancing loo...

6.5CVSS5.7AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 10 hours ago3 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS7.6AI score0.00668EPSS
Exploits0References5
Nuclei
Nuclei
added 13 hours ago11 views

VMWare Cloud Foundation NSX-V - XML External Entity (XXE)

VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. id: CVE-2022-31678 info: name: VMWare Cloud...

9.1CVSS7.2AI score0.08085EPSS
Exploits1References3
Nuclei
Nuclei
added 13 hours ago35 views

Microweber <1.2.12 - Integer Overflow

Microweber before 1.2.12 is susceptible to integer overflow. The application allows large characters to insert in the input field 'first & last name,' which can allow an attacker to cause a denial of service via a crafted HTTP request. id: CVE-2022-0968 info: name: Microweber 1.2.12 - Integer...

7.2CVSS6.8AI score0.03731EPSS
Exploits1References5
Nuclei
Nuclei
added 13 hours ago91 views

Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection

The Oracle WebCenter Sites component of Oracle Fusion Middleware 12.2.1.3.0 is susceptible to SQL injection via an easily exploitable vulnerability that allows low privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can...

4.3CVSS6.1AI score0.05083EPSS
Exploits0References5
Nuclei
Nuclei
added 13 hours ago30 views

Eaton Intelligent Power Manager 1.6 - Directory Traversal

Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via directory traversal, which can lead to sensitive information disclosure, denial of service and code execution. id: CVE-2018-12031 info: name: Eaton Intelligent Power Manager 1.6 - Directory Traversal author: daffainfo...

9.8CVSS7.4AI score0.17313EPSS
Exploits2References5
Nuclei
Nuclei
added 13 hours ago19 views

dash-uploader 0.1.0 - 0.7.0a2 - Denial-of-Service via flowTotalChunks

fohrloop dash-uploader v0.1.0 through v0.7.0a2 contains a remote code execution caused by improper handling in Upload function and maxfilesize parameter in dashuploader components, letting remote attackers execute arbitrary code, exploit requires crafted request. id: CVE-2026-38361 info: name:...

7.5CVSS7.9AI score0.02643EPSS
Exploits5References4
Rows per page
Query Builder