Lucene search
K

6 matches found

OSV
OSV
added 2026/06/06 10:16 a.m.6 views

DEBIAN-CVE-2026-10725

Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per indexe...

7.5CVSS5.7AI score0.00414EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 12:16 p.m.6 views

DEBIAN-CVE-2026-50260

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS5.4AI score0.00154EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 3:16 p.m.7 views

DEBIAN-CVE-2026-45022

go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alpha.3, go-git may parse malformed Git objects in a way that differs from upstream Git. When commit or tag objects contain ambiguous or malformed headers, go-git’s decoded representation may expose...

7.5CVSS5.8AI score0.00159EPSS
Exploits0References1
OSV
OSV
added 2026/02/14 5:15 p.m.2 views

DEBIAN-CVE-2026-23201

In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...

5.5CVSS5.2AI score0.00112EPSS
Exploits0References1
OSV
OSV
added 2026/02/04 8:42 a.m.1 views

BELL-CVE-2025-71189

Bulletin has no description...

5.5CVSS4.9AI score0.00183EPSS
Exploits0References1
OSV
OSV
added 2025/12/06 6:6 a.m.4 views

BELL-CVE-2025-40221

Bulletin has no description...

6.9AI score0.00155EPSS
Exploits0References1
Rows per page
Query Builder