Lucene search
K

515570 matches found

CVE
CVE
added 1 hour ago8 views

CVE-2026-13698

A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers with a valid tls-crypt-v2 client key to potentially cause a denial of service...

6CVSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2 hours ago6 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2 hours ago6 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS7.1AI score0.00615EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2 hours ago5 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS6.8AI score0.01945EPSS
Exploits0References8
CVE
CVE
added 3 hours ago4 views

CVE-2026-13708

Affected software: Imager::File::JPEG (Perl). Vulnerability: In i_readjpeg_wiol, for each APP13 marker encountered while reading a JPEG, a new buffer is allocated and assigned to *iptc_itext without freeing the previous buffer. The final payload is converted to a Perl scalar and freed, but the ea...

6.1AI score
Exploits0References2
NVD
NVD
added 4 hours ago7 views

CVE-2026-58226

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS
Exploits0References4
NVD
NVD
added 4 hours ago7 views

CVE-2026-4249

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service conditio...

8.6CVSS
Exploits0References1
NVD
NVD
added 4 hours ago6 views

CVE-2026-44937

Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.5 could be used by remote attackers to cause a denial of service or a downgrade attack on other repositories on the...

8.3CVSS
Exploits0References1
RedhatCVE
RedhatCVE
added 4 hours ago5 views

CVE-2026-14631

A flaw was found in webpack-dev-server. An unauthenticated remote attacker could send a specially crafted HTTP request with a malformed Host header or a WebSocket upgrade with a malformed Origin header. This malformed input causes an uncaught exception, leading to the termination of the Node.js...

5.3CVSS5.9AI score0.00308EPSS
Exploits0References5
Cvelist
Cvelist
added 5 hours ago8 views

CVE-2026-4249 Denial of Service via Malicious JSON Payloads in Throttling Events in Multiple WSO2 Products Causing Persistent Service Disruption

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service conditio...

8.6CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 hours ago3 views

CVE-2026-4249

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service conditio...

8.6CVSS6AI score
Exploits0References2Affected Software4
CVE
CVE
added 5 hours ago9 views

CVE-2026-4249

The CVE-2026-4249 affects multiple WSO2 products where the throttling event handling accepts unvalidated JSON payloads. The underlying issue is insufficient validation of the structure/content, enabling an unauthenticated remote attacker to inject malicious JSON that can cause a persistent denial...

8.6CVSS6AI score
Exploits0References1
EUVD
EUVD
added 5 hours ago6 views

EUVD-2026-41871

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service conditio...

8.6CVSS6AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 5 hours ago5 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS7.5AI score0.00668EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 5 hours ago3 views

CVE-2026-44937

Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.5 could be used by remote attackers to cause a denial of service or a downgrade attack on other repositories on the...

8.3CVSS6AI score
Exploits0References2Affected Software1
CVE
CVE
added 5 hours ago13 views

CVE-2026-44937

Summary: An unauthenticated webhook vulnerability in SUSE Rancher Fleet (versions prior to 0.15.2, 0.14 prior to 0.14.6, 0.13 prior to 0.13.11, 0.12 prior to 0.12.15) allows forging webhook requests via regex-based injection from unsanitized repository URL components, potentially enabling DoS or ...

8.3CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 5 hours ago6 views

CVE-2026-44937 SUSE Rancher Fleet had an Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components

Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.5 could be used by remote attackers to cause a denial of service or a downgrade attack on other repositories on the...

8.3CVSS
Exploits0References1
EUVD
EUVD
added 5 hours ago3 views

EUVD-2026-41867

Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.5 could be used by remote attackers to cause a denial of service or a downgrade attack on other repositories on the...

8.3CVSS6AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 5 hours ago3 views

CVE-2026-56364

A Denial of Service DoS vulnerability exists in ImageMagick. An attacker with write access to the OpenCL cache directory can exhaust system memory and crash the application by placing a maliciously crafted file. Mitigation To mitigate this, restrict write access to the OpenCL cache directory to...

1.9CVSS6AI score0.00123EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 6 hours ago2 views

CVE-2026-56363

A Denial of Service DoS vulnerability exists in ImageMagick. An attacker can crash the application and cause service unavailability by submitting a maliciously crafted image. Mitigation To mitigate this vulnerability, avoid processing untrusted or unverified image files with ImageMagick. Implemen...

4.8CVSS6AI score0.00111EPSS
Exploits0References5
Rows per page
Query Builder