Lucene search
K

6946 matches found

Vulnrichment
Vulnrichment
added 2026/06/01 9:14 p.m.12 views

CVE-2026-0067

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00071EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 7:16 p.m.16 views

CVE-2026-40990

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

6.5CVSS0.00211EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 5:49 p.m.10 views

CVE-2026-40990

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/01 5:49 p.m.17 views

EUVD-2026-33734

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 12:0 p.m.8 views

RLSA-2026:22305 Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

7.5CVSS5.9AI score0.0076EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/01 11:21 a.m.14 views

PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions

A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type ctype functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service DoS,...

7.5CVSS5.7AI score0.00337EPSS
Exploits0References5
OSV
OSV
added 2026/06/01 6:3 a.m.12 views

RLSA-2026:22142 Important: php:8.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

7.5CVSS5.9AI score0.0076EPSS
Exploits1References5
OSV
OSV
added 2026/06/01 6:3 a.m.10 views

RLSA-2026:22143 Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

7.5CVSS5.9AI score0.0076EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/01 3:18 a.m.13 views

Important: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS5.9AI score0.0076EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/01 3:18 a.m.14 views

PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions

A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type ctype functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service DoS,...

7.5CVSS5.7AI score0.00337EPSS
Exploits0References5
AlmaLinux
AlmaLinux
added 2026/06/01 12:0 a.m.26 views

Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

8.8CVSS5.9AI score0.0076EPSS
Exploits1References10
Cvelist
Cvelist
added 2026/05/29 4:58 p.m.34 views

CVE-2026-5768 Fourth Frontier Frontier X Mobile Application, Frontier X2 Missing Authentication for Critical Function

The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range to perform unauthorized control of device functions, including starting/stopping activities,...

8.8CVSS0.0028EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:2 a.m.8 views

drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()

...

7.8CVSS5.4AI score0.00139EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:21 a.m.16 views

SUSE CVE-2026-34043

Serialize JavaScript to a superset of JSON that includes regular expressions and functions. Prior to version 7.0.5, there is a Denial of Service DoS vulnerability caused by CPU exhaustion. When serializing a specially crafted "array-like" object an object that inherits from Array.prototype but ha...

7.5CVSS5.7AI score0.00472EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.12 views

PT-2026-45021

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.4 Description A sandbox escape exists that allows attackers to execute arbitrary code on the host system. This is achieved by combining Buffer.call.call. lookupGetter , Buffer, " proto ", Buffer.call.call. lookupSett...

10CVSS6.2AI score0.004EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

SUSE SLES15 Security Update : php7 (SUSE-SU-2026:2091-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2091-1 advisory. This update for php7 fixes the following issues - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code...

9.8CVSS6.5AI score0.0076EPSS
Exploits1References19
CVE
CVE
added 2026/05/28 7:44 p.m.25 views

CVE-2026-42399

CVE-2026-42399 describes an Uncontrolled Resource Consumption (CWE-400) vulnerability in Kibana where an authenticated, low-privilege user can trigger a denial of service by submitting a specially crafted Timelion visualization expression with deeply chained function calls. This causes an exponen...

6.5CVSS5.8AI score0.00296EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/28 8:12 a.m.11 views

CVE-2026-44410

This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...

3.8CVSS5.8AI score0.00131EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 6:16 a.m.15 views

CVE-2026-9009

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filtercontent function. This is due to passing the attacker-supplied 'callbackraw' shortcode attribute directly into calluserfunc with n...

8.8CVSS0.00446EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2026/05/27 11:44 p.m.17 views

K000161455: glibc vulnerability CVE-2026-0861

Security Advisory Description Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have...

8.4CVSS7.4AI score0.00352EPSS
Exploits1
Rows per page
Query Builder