Lucene search
+L

1433 matches found

nvd
nvd
added yesterday6 views

CVE-2026-59762

When an HTTP/2 profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Impact: System performance can degrade until the TMM process is either forced to restart or is manually restarted. This vulnerability allows a remote,...

8.7CVSS
Exploits0References1
cvelist
cvelist
added yesterday26 views

CVE-2026-59762 BIG-IP HTTP/2 vulnerability

When an HTTP/2 profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Impact: System performance can degrade until the TMM process is either forced to restart or is manually restarted. This vulnerability allows a remote,...

8.7CVSS
Exploits0References1
euvd
euvd
added yesterday5 views

EUVD-2026-44679

When an HTTP/2 profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Impact: System performance can degrade until the TMM process is either forced to restart or is manually restarted. This vulnerability allows a remote,...

8.7CVSS6.1AI score
Exploits0References1
nvd
nvd
added 2 days ago3 views

CVE-2026-15713

A vulnerability was found in libsoup's HTTP/2 protocol implementation. The library fails to correctly release memory context blocks under specific stream termination conditions, such as when an HTTP/2 connection encounters window exhaustion or explicit stream resets. A remote, unauthenticated...

5.9CVSS0.00349EPSS
Exploits0References3
cve
cve
added 2 days ago5 views

CVE-2026-15712

CVE-2026-15712 affects libsoup’s HTTP/2 connection tracking in/libsoup3 (versions 3.0–3.7.0) where the GOAWAY frame’s Additional Debug Data is parsed as a NUL-terminated C-string without strict length checks. This permits a remote, unauthenticated attacker to send malformed GOAWAY frames, causing...

5.9CVSS6.1AI score0.00498EPSS
Exploits0References3
nvd
nvd
added 2 days ago8 views

CVE-2026-59246

Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP/2 server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP2.handlecontinuation/3 function in lib/mint/http2.ex accumulates the header-block fragment carried by each HTTP/2...

6.3CVSS0.00305EPSS
Exploits0References4
cvelist
cvelist
added 2 days ago26 views

CVE-2026-59246 Zero-length HTTP/2 CONTINUATION frames bypass Mint's header-block byte-size cap and exhaust client memory

Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP/2 server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP2.handlecontinuation/3 function in lib/mint/http2.ex accumulates the header-block fragment carried by each HTTP/2...

6.3CVSS0.00305EPSS
Exploits0References4
euvd
euvd
added 2 days ago5 views

EUVD-2026-43643

Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP/2 server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP2.handlecontinuation/3 function in lib/mint/http2.ex accumulates the header-block fragment carried by each HTTP/2...

6.3CVSS6.2AI score0.00305EPSS
Exploits0References4
osv
osv
added 3 days ago2 views

SUSE-SU-2026:2925-1 Security update for curl

This update for curl fixes the following issues - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-8286: wrong STARTTLS connection reuse bsc1268402. - CVE-2026-8458: wrong reuse for different services bsc1268407. - CVE-2026-8924: traling dot domain super cookie...

9.8CVSS6.3AI score0.01064EPSS
Exploits11References23
rocky
rocky
added 3 days ago5 views

nginx:1.24 security, bug fix, and enhancement update

An update is available for nginx, module.nginx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other...

9.2CVSS7.4AI score0.03552EPSS
Exploits1
redhat
redhat
added 3 days ago6 views

Important: Red Hat Security Advisory: nginx:1.24 security, bug fix, and enhancement update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.2CVSS7.4AI score0.03552EPSS
Exploits1References2
redhat
redhat
added 3 days ago5 views

nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers

A flaw was found in NGINX. When NGINX is configured to proxy HTTP/2 traffic using the ngxhttpproxyv2module or ngxhttpgrpcmodule with specific settings, a remote, unauthenticated attacker can send specially crafted large headers. This can trigger a heap-based buffer overflow, leading to a restart ...

9.2CVSS7.2AI score0.03552EPSS
Exploits1References5
osv
osv
added 6 days ago1 views

SUSE-SU-2026:2850-1 Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-random, terraform-provider-susepubliccloud, terraform-provider-tls

This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-random, terraform-provider-susepubliccloud, terraform-provider-tls fixes the following issue -...

7.5CVSS6.7AI score0.00781EPSS
Exploits0References4
susecve
susecve
added 6 days ago6 views

SUSE CVE-2026-10536

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE, subsequently invokes curleasyreset, and finally terminates the handle with curleasycleanup. During this final cleanup phase, libcurl...

5.5CVSS6.1AI score0.00891EPSS
Exploits1References8
nessus
nessus
added 6 days ago9 views

EulerOS 2.0 SP12 : kata-containers (EulerOS-SA-2026-2534)

"According to the versions of the kata-containers package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input...

9.1CVSS6.7AI score0.00522EPSS
Exploits1References2
euvd
euvd
added last week12 views

EUVD-2026-33939

mint: Unbounded streams map growth via PUSHPROMISE without follow-up HEADERS...

8.2CVSS5.9AI score0.00384EPSS
Exploits0References5
euvd
euvd
added last week16 views

EUVD-2026-33940

mint: Unbounded CONTINUATION/HEADERS frame accumulation CONTINUATION flood...

8.2CVSS5.9AI score0.00384EPSS
Exploits0References5
osv
osv
added last week2 views

SUSE-SU-2026:2831-1 Security update for rustup

This update for rustup fixes the following issues Security issues: - CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243862. - CVE-2025-58160: tracing-subscriber: Tracing log pollution bsc1249008. - CVE-2026-25727: time: parsing of user-provid...

9.8CVSS7.1AI score0.00412EPSS
Exploits1References25
osv
osv
added last week2 views

SUSE-SU-2026:2830-1 Security update for warewulf4

This update for warewulf4 fixes the following issues: Update to v4.7.0. Security issues fixed: - CVE-2025-69725: incorrect input validation in the RedirectSlashes function can lead to an open redirect bsc1258511. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when giv...

9.6CVSS6.5AI score0.00781EPSS
Exploits0References11
redhat
redhat
added 2026/07/09 3:29 p.m.4 views

netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the DelegatingDecompressorFrameListener class. This resource leak could lead to an Out Of Memory Error OOME, potentially causing a Denial of Service DoS by taking down th...

7.5CVSS6AI score0.00594EPSS
Exploits0References7
Rows per page
Query Builder