Lucene search
K

515858 matches found

IBM Security Bulletins
IBM Security Bulletins
added 1 hour ago5 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by uncontrolled resource consumption and denial of service. Vulnerability Details CVEID:CVE-2026-50645 DESCRIPTION: There is no restriction on the amount of attachment headers that a message can contain...

7.5CVSS6AI score0.0046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 hours ago11 views

Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, bundled with WebSphere Remote Server, are affected by a denial of service due to jose4j (CVE-2024-29371)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and IBM WebSphere Application Server Liberty has been published in a security...

7.5CVSS6.8AI score0.00244EPSS
Exploits1Affected Software1
NVD
NVD
added 4 hours ago5 views

CVE-2026-56811

Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix Phoenix.Socket module allows an unauthenticated attacker to cause a denial of service against any endpoint that mounts a Phoenix socket with a reachable channel transport WebSocket or LongPoll. This...

8.7CVSS
Exploits0References7
NVD
NVD
added 4 hours ago6 views

CVE-2026-56812

Improper Check for Unusual or Exceptional Conditions vulnerability in phoenixframework phoenix Presence JavaScript client allows an attacker with ordinary channel access to cause a persistent client-side denial of service against every viewer of a presence channel topic. This vulnerability is...

6.3CVSS
Exploits0References7
CVE
CVE
added 5 hours ago5 views

CVE-2026-56812

This CVE affects Phoenix JS Presence (presence.js) with an unsafe existence check (state[key]) in Presence.syncState/Presence.syncDiff. Attacker-chosen keys that collide with Object.prototype cause the lookup to return Object.prototype, misclassify as existing, and read .metas.map(...) leading to...

6.3CVSS6AI score
Exploits0References7
Cvelist
Cvelist
added 5 hours ago5 views

CVE-2026-56812 Phoenix JavaScript presence client crashes on presence keys colliding with Object.prototype members in Presence.syncState/syncDiff

Improper Check for Unusual or Exceptional Conditions vulnerability in phoenixframework phoenix Presence JavaScript client allows an attacker with ordinary channel access to cause a persistent client-side denial of service against every viewer of a presence channel topic. This vulnerability is...

6.3CVSS
Exploits0References7
EUVD
EUVD
added 5 hours ago4 views

EUVD-2026-42050

Improper Check for Unusual or Exceptional Conditions vulnerability in phoenixframework phoenix Presence JavaScript client allows an attacker with ordinary channel access to cause a persistent client-side denial of service against every viewer of a presence channel topic. This vulnerability is...

6.3CVSS6AI score
Exploits0References7
NVD
NVD
added 5 hours ago4 views

CVE-2026-14940

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS
Exploits0References2
OSV
OSV
added 5 hours ago3 views

EEF-CVE-2026-56811 Phoenix transports do not limit channel joins per connection, enabling process-exhaustion denial of service

Summary Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix Phoenix.Socket module allows an unauthenticated attacker to cause a denial of service against any endpoint that mounts a Phoenix socket with a reachable channel transport WebSocket or LongPoll...

8.7CVSS6AI score
Exploits0References7
CVE
CVE
added 5 hours ago5 views

CVE-2026-56811

The CVE-2026-56811 issue affects the Phoenix framework (Phoenix.Socket) where transports (WebSocket/LongPoll) allow an unbounded number of channel joins per transport, enabling a single unauthenticated client to exhaust BEAM processes and cause a denial-of-service across the node. Root cause is l...

8.7CVSS5.9AI score
Exploits0References7
Cvelist
Cvelist
added 5 hours ago6 views

CVE-2026-56811 Phoenix transports do not limit channel joins per connection, enabling process-exhaustion denial of service

Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix Phoenix.Socket module allows an unauthenticated attacker to cause a denial of service against any endpoint that mounts a Phoenix socket with a reachable channel transport WebSocket or LongPoll. This...

8.7CVSS
Exploits0References7
EUVD
EUVD
added 5 hours ago4 views

EUVD-2026-42049

Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix Phoenix.Socket module allows an unauthenticated attacker to cause a denial of service against any endpoint that mounts a Phoenix socket with a reachable channel transport WebSocket or LongPoll. This...

8.7CVSS5.9AI score
Exploits0References7
RedHat Linux
RedHat Linux
added 5 hours ago5 views

freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client

A flaw was found in FreeIPMI. Specifically, the ipmi-oem client command, which implements Intelligent Platform Management Interface IPMI OEM commands, contains exploitable buffer overflows. A remote attacker could exploit these vulnerabilities by sending specially crafted response messages to the...

7.5CVSS6.1AI score0.00405EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 5 hours ago5 views

Moderate: Red Hat Security Advisory: freeipmi security update

An update for freeipmi is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS6.3AI score0.00405EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 6 hours ago5 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.23 bug fix and security update

Red Hat OpenShift Container Platform release 4.21.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...

9.8CVSS6.8AI score0.01335EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 6 hours ago5 views

kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()

A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...

7.8CVSS6.5AI score0.00114EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 hours ago5 views

freerdp: FreeRDP: Arbitrary code execution via crafted RDPGFX PDUs

A heap-buffer-overflow vulnerability exists in FreeRDP when handling Remote Desktop Protocol Graphics RDPGFX. A malicious or compromised RDP server can exploit this flaw by sending specially crafted graphics packets to a connected client, potentially crashing the client application Denial of...

8.8CVSS7.5AI score0.0042EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 hours ago5 views

freerdp: FreeRDP: Arbitrary code execution and denial of service via heap-buffer-overflow

A heap-buffer overflow vulnerability exists in the FreeRDP server's clipboard channel. A remote attacker can exploit this by sending a specially crafted message to the server, which can crash the service Denial of Service or potentially allow the attacker to execute arbitrary code...

8.8CVSS7.5AI score0.03472EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 hours ago5 views

freerdp: FreeRDP: Out-of-bounds write in planar bitmap decoder allows arbitrary code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. The planar bitmap decoder contains an out-of-bounds heap write vulnerability when processing RLE planar data. A remote attacker could exploit this by providing specially crafted RLE planar data, leading to an...

9.8CVSS6.6AI score0.00462EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 hours ago4 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS7.8AI score0.03472EPSS
Exploits5References6
Rows per page
Query Builder