
12 matches found

Tenable Nessus
added 2026/04/16 12:0 a.m., 24 views

AlmaLinux 9 : nodejs:24 (ALSA-2026:7350)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7350 advisory. nodejs: Nodejs denial of service (CVE-2026-21637); brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547)...

CVSS 9.8, AI score 5.9, EPSS 0.26356
Exploits: 1, References: 20
OSV
added 2026/04/14 12:3 a.m., 10 views

RLSA-2026:7896 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: minimatch: minimatch: Denial of Service via specially crafted glob patterns (CVE-2026-26996); minimatch: Minimatch: Denial of Service via catastrophi...

CVSS 7.5, AI score 5.8, EPSS 0.26356
Exploits: 2, References: 5
OSV
added 2026/04/08 12:0 a.m., 6 views

ALSA-2026:7123 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion (CVE-2026-25547); minimatch: minimatch: Denial of Service via...

CVSS 9.8, AI score 6.9, EPSS 0.26356
Exploits: 2, References: 20
OSV
added 2026/02/06 3:57 p.m., 7 views

OESA-2026-1307 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django versions before 6.0.2, before 5.2.11, and before 4.2.28. The django.contrib.auth.handlers.modwsgi.check_password function for authentication via modwsg...

CVSS 8.5, AI score 6.9, EPSS 0.09436
Exploits: 2, References: 7
Tenable Nessus
added 2026/01/28 12:0 a.m., 17 views

NewStart CGSL MAIN 6.06 : httpd Multiple Vulnerabilities (NS-SA-2025-0240)

The remote NewStart CGSL host, running version MAIN 6.06, has httpd packages installed that are affected by multiple vulnerabilities: - Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue...

CVSS 9.8, AI score 6, EPSS 0.94999
Exploits: 15, References: 25
Tenable Nessus
added 2025/10/06 12:0 a.m., 3 views

RockyLinux 10 : libsoup3 (RLSA-2025:8128)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8128 advisory. libsoup: Denial of Service attack to websocket server (CVE-2025-32049); libsoup: Denial of service in server when client requests a large amount of...

CVSS 7.5, AI score 6.4, EPSS 0.00728
Exploits: 0, References: 9
Tenable Nessus
added 2025/09/10 12:0 a.m., 3 views

EulerOS 2.0 SP10 : libsoup (EulerOS-SA-2025-2103)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages...

CVSS 7.5, AI score 6.2, EPSS 0.00729
Exploits: 1, References: 4
Tenable Nessus
added 2025/08/21 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-36420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Polipo through 1.1.1, when NDEBUG is omitted, allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This...

CVSS 7.5, AI score 7.3, EPSS 0.01901
Exploits: 1, References: 2
OSV
added 2025/08/20 12:0 a.m., 7 views

ALSA-2025:14177 Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Apache Tomcat DoS in multipart upload (CVE-2025-48988); tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125); apache-commons-fileupload: Apache...

CVSS 7.5, AI score 7.3, EPSS 0.63258
Exploits: 1, References: 16
OSV
added 2025/02/28 3:32 p.m., 10 views

OESA-2025-1185 etcd security update

Security Fixes: Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations (CVE-2022-1962). Requests forwarded by ReverseProxy include the raw query parameters...

CVSS 7.5, AI score 7, EPSS 0.99999
Exploits: 23, References: 14
RedhatCVE
added 2025/02/05 11:58 p.m., 14 views

CVE-2022-29169

BigBlueButton is an open source web conferencing system. Versions starting with 2.2 and prior to 2.3.19, 2.4.7, and 2.5.0-beta.2 are vulnerable to regular expression denial of service (ReDoS) attacks. By using a specific RegularExpression, an attacker can cause denial of service for the bbb-html5...

CVSS 7.5, AI score 6.7, EPSS 0.01449
Exploits: 0, References: 1
RedHat Linux
added 2014/03/11 4:56 p.m., 4 views

rubygem-actionpack: Action View string handling denial of service

actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails 3.x before 3.2.17 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote attackers to cause a denial of service (memory consumption) by including these strings in heade...

CVSS 5, AI score 6.9, EPSS 0.06193
Exploits: 0, References: 4