Lucene search
K

3960 matches found

Cvelist
Cvelist
added 3 days ago27 views

CVE-2026-40006 Apache IoTDB: Unauthenticated heap-exhaustion DoS via unbounded allocation in IoTDB AirGap pipe receiver

Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no...

0.00323EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-42714

An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS.If the SIP ALG is enabled on an affected device, the...

8.7CVSS5.9AI score0.00461EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-57022

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device initiates a TCP...

8.2CVSS0.00405EPSS
Exploits0References1
NVD
NVD
added 4 days ago8 views

CVE-2026-57023

An Improper Validation of Specified Quantity in Input vulnerability in the TCP proxy plugin of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated, network-based attacker to cause a complete Denial of Service DoS. When TCP proxy is engaged in a flow session,...

8.7CVSS0.00461EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-57020

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on QFX10000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. On all QFX10000 platforms in an EVPN-VxLAN scenario, if an...

7.1CVSS6AI score0.00269EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 4 days ago52 views

CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this...

8.7CVSS0.00534EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 6 days ago6 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
NVD
NVD
added 2026/07/04 8:16 p.m.10 views

CVE-2026-14650

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS0.00116EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/03 12:31 a.m.7 views

EUVD-2026-41439

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References3
CVE
CVE
added 2026/07/02 9:19 p.m.19 views

CVE-2026-12413

The CVE-2026-12413 issue affects Libreswan’s pluto daemon and is triggered by an invalidly formatted IKEv2 fragment. The root cause is an off-by-one error in the assertion within reassemble_v2_incoming_fragments(), which can cause the daemon to abort when handling certain outer payloads that are ...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-57585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of- bounds read/crash on Unpacker reuse after a caught erro...

7.5CVSS6AI score0.00278EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 10:16 p.m.4 views

CVE-2026-36912

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS0.00343EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 6:54 p.m.7 views

Important: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.1CVSS6AI score0.01335EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/01 4:30 p.m.41 views

CVE-2026-20243 ClamAV ALZ Archive Processing Denial of Service Vulnerability

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS0.00389EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2026/07/01 6:1 a.m.5 views

ruby:4.0 security update

An update is available for module.ruby, module.rubygem-mysql2, module.rubygem-pg, rubygem-mysql2, ruby, rubygem-pg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE li...

7.6CVSS6AI score0.00813EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/01 6:0 a.m.10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.46 security and extras update

Red Hat OpenShift Container Platform release 4.18.46 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...

8.7CVSS5.9AI score0.00656EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 12:20 a.m.11 views

kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()

A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...

7.8CVSS6.5AI score0.00114EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-50734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker c...

7.5CVSS6AI score0.00796EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

RockyLinux 9 : ruby:3.3 (RLSA-2026:33576)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33576 advisory. ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses CVE-2026-42245 ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol...

7.6CVSS6AI score0.00813EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/30 11:16 p.m.34 views

CVE-2026-54592 Oj: Stack Buffer Overflow in Oj::Doc#each_child via Deeply Nested Input

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doceachchild, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process, leading to DoS. In a two-step chain in...

7.5CVSS0.00263EPSS
Exploits0References1
Rows per page
Query Builder