Lucene search
K

180 matches found

CVE
CVE
added 2026/05/14 4:48 p.m.21 views

CVE-2026-44516

Valtimo (versions 12.4.0–12.33.0 and 13.26.0) contains a vulnerability in the web module where the LoggingRestClientCustomizer intercepts outgoing HTTP calls via Spring RestClient and logs full request/response bodies and headers. When errors occur, this data can appear in HttpClientErrorExceptio...

7.6CVSS5.8AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Flight 安全漏洞

Flight is a PHP microframework developed by Mike Cao. Versions of Flight prior to 3.18.1 contained a security vulnerability. This vulnerability stemmed from the default error handling mechanism Engine::error, which wrote the entire exception message into the HTTP 500 response. Without debugging...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References2
OSV
OSV
added 2026/05/12 10:23 p.m.7 views

GHSA-XC4X-2452-5GC9 SillyTavern has a reflected XSS vulnerability in the CORS proxy middleware

Resolution Fixed in SillyTavern 1.18.0: a user-provided URL is no longer reflected in the HTTP response body. Overview - Vulnerability Type: XSS - Affected Location: src/middleware/corsProxy.js:40 - Trigger Scenario: reflected XSS in CORS proxy error response Root Cause When fetchurl throws, the...

6.9CVSS6.1AI score0.00323EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/12 10:23 p.m.9 views

SillyTavern has a reflected XSS vulnerability in the CORS proxy middleware

Resolution Fixed in SillyTavern 1.18.0: a user-provided URL is no longer reflected in the HTTP response body. Overview - Vulnerability Type: XSS - Affected Location: src/middleware/corsProxy.js:40 - Trigger Scenario: reflected XSS in CORS proxy error response Root Cause When fetchurl throws, the...

6.9CVSS6.1AI score0.00323EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.10 views

PT-2026-40547

Name of the Vulnerable Software and Affected Versions SillyTavern versions prior to 1.18.0 Description SillyTavern is a locally installed user interface for interacting with large language models, image generation engines, and text-to-speech voice models. A reflected Cross-Site Scripting XSS issu...

6.9CVSS6AI score0.00323EPSS
Exploits0References5
CVE
CVE
added 2026/05/06 9:0 p.m.25 views

CVE-2026-41484

The CVE concerns OpenTelemetry.Exporter.OneCollector for .NET. In versions ≤1.15.0, HttpJsonPostTransport reads the full response body on non-200 HTTP responses, enabling a potential denial-of-service via unbounded memory allocation if the back-end endpoint or an interceptor returns an arbitraril...

5.9CVSS5.8AI score0.00338EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 9:0 p.m.12 views

CVE-2026-41484

OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collector results in an unsuccessful HTTP 4xx or 5xx response, the HttpJsonPostTransport class reads the...

5.3CVSS5.8AI score0.00338EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/29 8:17 p.m.10 views

OneCollector exporter reads unbounded HTTP response bodies

Summary When exporting telemetry to a back-end/collector over HTTP using the OpenTelemetry.Exporter.OneCollector exporter, if the request results in a unsuccessful request i.e. HTTP 4xx or 5xx, the response is read into memory with no upper-bound on the number of bytes consumed. This could cause...

5.9CVSS5.5AI score0.00338EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.36 views

CVE-2026-31613 smb: client: fix OOB reads parsing symlink error response

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

8.1CVSS0.00378EPSS
Exploits0References7
OSV
OSV
added 2026/04/24 2:42 p.m.1 views

CVE-2026-31613 smb: client: fix OOB reads parsing symlink error response

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

8.1CVSS6.3AI score0.00378EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2026/04/24 12:25 p.m.7 views

CVE-2026-5265

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.6AI score0.00629EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/04/20 12:0 a.m.7 views

CVE-2026-5265

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.8AI score0.00629EPSS
Exploits0References1
OSV
OSV
added 2026/04/20 12:0 a.m.6 views

UBUNTU-CVE-2026-5265

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.9AI score0.00629EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/15 11:25 p.m.27 views

CVE-2026-40245 Free5GC: UDR nudr-dr influenceData/subs-to-notify leaks SUPI in error response body without authentication

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions 4.2.1 and below contain an information disclosure vulnerability in the UDR Unified Data Repository service. The handler for GET /nudr-dr/v2/application-data/influenceData/subs-to-notify sends a...

7.5CVSS0.00506EPSS
Exploits1References1
CVE
CVE
added 2026/04/15 11:25 p.m.19 views

CVE-2026-40245

CVE-2026-40245 concerns Free5GC’s UDR service (versions 4.2.1 and below) where an information disclosure occurs via the 5G SBI endpoint GET /nudr-dr/v2/application-data/influenceData/subs-to-notify. When required query parameters are missing, the handler returns a 400 but does not stop execution,...

7.5CVSS5.9AI score0.00506EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/20 4:43 a.m.5 views

CVE-2026-33012 Micronaut Framework vulnerable to a Denial of Service in HTML error response caching

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Versions 4.7.0 through 4.10.16 used an unbounded ConcurrentHashMap cache with no eviction policy in its DefaultHtmlErrorResponseBodyProvider. If the application throws an...

7.5CVSS5.7AI score0.00561EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/20 4:43 a.m.23 views

CVE-2026-33012 Micronaut Framework vulnerable to a Denial of Service in HTML error response caching

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Versions 4.7.0 through 4.10.16 used an unbounded ConcurrentHashMap cache with no eviction policy in its DefaultHtmlErrorResponseBodyProvider. If the application throws an...

7.5CVSS0.00561EPSS
Exploits0References3
CVE
CVE
added 2026/03/20 4:43 a.m.22 views

CVE-2026-33012

CVE-2026-33012 affects the Micronaut Framework. Versions 4.7.0–4.10.16 use an unbounded ConcurrentHashMap cache in the DefaultHtmlErrorResponseBodyProvider with no eviction policy. If an exception message can be influenced by an attacker (e.g., via request query parameters), remote attackers coul...

7.5CVSS5.8AI score0.00561EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/20 4:43 a.m.5 views

CVE-2026-33012 Micronaut Framework vulnerable to a Denial of Service in HTML error response caching

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Versions 4.7.0 through 4.10.16 used an unbounded ConcurrentHashMap cache with no eviction policy in its DefaultHtmlErrorResponseBodyProvider. If the application throws an...

7.5CVSS5.8AI score0.00561EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/17 6:39 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the DefaultHtmlErrorResponseBodyProvider class. An attacker can exhaust heap memory and cause a crash by sending requests that trigger exceptions with attacker-controlled messages...

8.7CVSS5.8AI score0.00561EPSS
Exploits0References2
Rows per page
Query Builder