Lucene search
K

49861 matches found

RedHat Linux
RedHat Linux
added 3 days ago5 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Commo...

9.8CVSS7.2AI score0.11471EPSS
Exploits9References8
NVD
NVD
added 3 days ago7 views

CVE-2026-14966

BBOT's unarchive module rejects archives containing symlink entries before extraction, but for zip and 7z archives it failed to detect symlinks whose listing carries a DOS-attribute prefix before the unix mode, as produced by legacy versions of p7zip. Such an archive, downloaded and extracted...

3.1CVSS0.00291EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Juniper Junos OS Vulnerability (JSA110086)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110086 advisory. - An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an...

8.7CVSS6.1AI score0.00461EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 4 days ago6 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
OSV
OSV
added 4 days ago7 views

RLSA-2026:34357 Important: opentelemetry-collector security update

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint CVE-2026-42154 github.com/prometheus/prometheus:...

8.2CVSS7.3AI score0.00939EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (June 2026 - Part 1 of 2)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2026-50010 DESCRIPTION: Netty is a network application framework for...

9.1CVSS6.9AI score0.00533EPSS
Exploits0Affected Software1
Debian CVE
Debian CVE
added 5 days ago5 views

CVE-2026-13708

Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in ireadjpegwiol. ireadjpegwiol walks the marker list libjpeg returns and, for each APP13 marker, allocates a new buffer with iptcitext = mymalloc... and overwrites the previous...

7.5CVSS6.1AI score0.00375EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-58226

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS6.1AI score0.00438EPSS
Exploits0References5Affected Software1
OSV
OSV
added 5 days ago5 views

OESA-2026-2836 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

5.9AI score
Exploits0References2
OSV
OSV
added 5 days ago6 views

OESA-2026-2802 rubygem-faraday security update

HTTP/REST API client library Security Fixes: Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a...

7.5CVSS6.1AI score0.00391EPSS
Exploits1References3
OSV
OSV
added 5 days ago4 views

BIT-ACTIVEMQ-2026-50750 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

7.5CVSS5.9AI score0.00707EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 5 days ago9 views

Linux Distros Unpatched Vulnerability : CVE-2018-25282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential...

6.9CVSS6AI score0.00121EPSS
Exploits0References2
NVD
NVD
added last week10 views

CVE-2026-14650

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS0.00116EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/03 11:6 p.m.12 views

Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak System

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak System version 2.3.6.1 and IBM Cloud Pak System version 2.3.5.1. Vulnerability Details CVEID:CVE-2025-0395 DESCRIPTION: When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for...

9.4CVSS7.5AI score0.64718EPSS
Exploits12Affected Software4
SUSE CVE
SUSE CVE
added 2026/07/03 3:26 a.m.7 views

SUSE CVE-2026-20216

A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerabilit...

7.5CVSS7.1AI score0.00389EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/03 12:31 a.m.6 views

EUVD-2026-41439

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.8 views

Python Library aiohttp < 3.14.1 Multiple Vulnerabilities

The version of the aiohttp Python library installed on the remote host is prior to 3.14.1. It is, therefore, affected by multiple vulnerabilities: - Prior to 3.14.1, no limit was present on the number of pipelined requests that could be queued. An attacker may be able to use pipelined requests to...

8.7CVSS6AI score0.00322EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.7 views

Cisco Secure Endpoint Multiple ClamAV DoS (cisco-sa-clamav-88cFYyxR)

According to its self-reported version, Cisco Secure Endpoint is affected by multiple vulnerabilities. - A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory...

7.5CVSS7.3AI score0.00463EPSS
Exploits0References11
CVE
CVE
added 2026/07/02 9:19 p.m.18 views

CVE-2026-12413

The CVE-2026-12413 issue affects Libreswan’s pluto daemon and is triggered by an invalidly formatted IKEv2 fragment. The root cause is an off-by-one error in the assertion within reassemble_v2_incoming_fragments(), which can cause the daemon to abort when handling certain outer payloads that are ...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/02 7:38 p.m.37 views

CVE-2026-58578 LobeChat < 2.2.10-canary.15 - Regular Expression Denial of Service in GitHub Skill Import

LobeChat before version 2.2.10-canary.15 contains a regular expression denial of service ReDoS vulnerability that allows authenticated attackers to block the Node.js event loop by supplying a catastrophic-backtracking pattern in a GitHub repository URL path during skill import. Attackers can craf...

7.1CVSS0.00305EPSS
Exploits0References5
Rows per page
Query Builder