Lucene search
K

3462 matches found

Cvelist
Cvelist
added 2026/03/07 4:8 p.m.27 views

CVE-2026-29076 cpp-httplib: Stack Overflow Denial of Service (DoS) via std::regex in multipart filename parsing

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. The regex engine in libstdc++ implements backtracking via deep...

5.9CVSS0.00602EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/07 1:44 a.m.5 views

CVE-2026-28395

OpenClaw version 2026.1.14-1 prior to 2026.2.12 contain an improper network binding vulnerability in the Chrome extension must be installed and enabled relay server that treats wildcard hosts as loopback addresses, allowing the relay HTTP/WS server to bind to all interfaces when a wildcard cdpUrl...

9.1CVSS5.8AI score0.00396EPSS
Exploits0References1
CVE
CVE
added 2026/03/06 7:23 a.m.73 views

CVE-2026-29074

CVE-2026-29074 affects SVGO (SVG Optimizer), a Node.js library/CLI for optimizing SVGs. Versions 2.1.0–before 2.8.1, 3.0.0–before 3.3.3, and before 4.0.1 accept XML with custom entities without guards against entity expansion/recursion, enabling DoS via entity expansion that can stall or crash th...

7.5CVSS5.7AI score0.00612EPSS
Exploits1References28Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

Cisco Nexus 3600 9500-R Series Switching Platforms Layer 2 Loop DoS (cisco-sa-nxos-ether-dos-Kv8YNWZ4)

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability. - A vulnerability with the Ethernet VPN EVPN Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated,...

7.4CVSS5.8AI score0.00156EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.12 views

RHEL 10 : grafana (RHSA-2026:3831)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3831 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: crypto/x509:...

10CVSS6.7AI score0.01945EPSS
Exploits4References10
RedHat Linux
RedHat Linux
added 2026/03/05 9:1 a.m.4 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00451EPSS
Exploits2References8
NVD
NVD
added 2026/03/04 6:16 p.m.6 views

CVE-2026-20031

A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...

5.3CVSS0.00414EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.7 views

PT-2026-23024

Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the JSTokenize...

5.8CVSS6AI score0.00475EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.5 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: brotli (UTSA-2026-005387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005387 advisory. Scrapy versions up to 2.13.2 are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The protection mechanism...

7.5CVSS7.1AI score0.00509EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/03 7:3 a.m.5 views

CVE-2026-1876 Denial-of-Service (DoS) vulnerability in Ethernet function of MELSEC iQ-F Series Ethernet module

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP all versions allows a remote attacker to cause a denial-of-service DoS condition on the products by continuously sending UDP packets to the products. A...

8.7CVSS6AI score0.00426EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/02/25 9:47 a.m.7 views

Security update 5.1.2 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Backported security patches for Salt vendored tornado: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header paramete...

8.7CVSS5.5AI score0.00396EPSS
Exploits0References20
OSV
OSV
added 2026/02/25 9:15 a.m.4 views

SUSE-SU-2026:0623-1 Security update for python-tornado

This update for python-tornado fixes the following issues: - CVE-2025-67725: inefficient algorithm when parsing parameters for HTTP header values bsc1254905. - CVE-2025-67726: Denial of Service DoS via maliciously crafted HTTP request caused by the HTTPHeaders.add method bsc1254904...

7.5CVSS5.4AI score0.00396EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/23 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-14905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schemaattrenumcallback function within the schema.c file. This...

7.2CVSS6.1AI score0.01038EPSS
Exploits0References3
OSV
OSV
added 2026/02/16 1:32 p.m.5 views

CLSA-2026-1771248733 Fix CVE(s): CVE-2025-68618, CVE-2025-69204

SECURITY UPDATE: Malicious SVG file resulted in a DoS attack - debian/patches/CVE-2025-68618.patch: fix DOS when processing a specially crafted malicious SVG file - CVE-2025-68618 SECURITY UPDATE: WriteSVGImage function, using an int variable to store numberattributes caused an integer overflow a...

7.5CVSS5.9AI score0.00552EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/02/14 7:23 a.m.7 views

CVE-2025-1924

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary programs to be executed. The affected products and versions a...

8.2CVSS5.5AI score0.00191EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.5 views

CVE-2025-54147

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

6.5CVSS5.8AI score0.00391EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.7 views

PT-2026-7545

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A flaw exists in Qsync Central that, if exploited by a remote attacker with a user account, could lead to a denial-of-service DoS attack. The issue is a NULL pointer dereference...

6.5CVSS5.5AI score0.00391EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/11 12:0 a.m.5 views

CVE-2026-0958

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denial of service through memory or CPU exhaustion by bypassing JSON validation middleware limits...

7.5CVSS5.9AI score0.00387EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/09 2:21 a.m.6 views

Important: Red Hat Security Advisory: brotli security update

An update for brotli is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.1AI score0.00509EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/06 12:0 a.m.4 views

Atlassian Jira Service Management Data Center and Server 10.3.0 < 10.3.13 / 11.0.x < 11.2.1 / 11.3.0 (JSDSERVER-16480)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16480 advisory. - Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30....

7.5CVSS5.9AI score0.01099EPSS
Exploits1References2
Rows per page
Query Builder