8 matches found
CVE-2026-50750
Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...
CLSA-2026-1777396609 openssl: Fix of 3 CVEs
CVE-2026-28388: fix NULL dereference in checkdeltabase when a Delta CRL lacks the CRL Number extension - CVE-2026-28389: fix NULL dereference in dh/ecdhcmssetsharedinfo when KeyEncryptionAlgorithmIdentifier has no parameters field - CVE-2026-28390: fix NULL dereference in rsacmsdecrypt when the...
CVE-2025-40336
No description is available for this CVE...
CVE-2025-39731
In the Linux kernel, the following vulnerability has been resolved: f2fs: vmunmapram may be called from an invalid context When testing F2FS with xfstests using UFS backed virtual disks the kernel complains sometimes that f2fsreleasedecompmem calls vmunmapram from an invalid context. Example trac...
PT-2025-1339 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: In the ip6 append data function of ip6 output.c, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to a local privilege escalation...
PT-2024-25661 · Unknown · O-Ran E2T I-Release
Name of the Vulnerable Software and Affected Versions: O-RAN E2T I-Release affected versions not specified Description: The issue is related to a NULL pointer dereference in the buildPrometheusList function. This occurs because the peerInfo can be NULL. Recommendations: At the moment, there is no...
PT-2024-4466 · Devika · Devika
Name of the Vulnerable Software and Affected Versions: Devika affected versions not specified Description: The issue is related to a cross-site request forgery CSRF attack. It may allow a remote attacker to exploit the vulnerability, potentially enabling them to perform unauthorized actions...
PT-2023-21170 · Npm · @Fastify/Csrf-Protection
Name of the Vulnerable Software and Affected Versions: @fastify/csrf-protection versions prior to 4.1.0 @fastify/csrf-protection versions prior to 6.3.0 Description: The CSRF protection mechanism in the @fastify/csrf-protection library can be bypassed by network and same-site attackers under...