Lucene search
K

799 matches found

SUSE CVE
SUSE CVE
added 5 hours ago5 views

SUSE CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00037EPSS
Exploits0References3
Ubuntu
Ubuntu
added yesterday6 views

USN-8414-1: OpenSSL vulnerabilities

Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or obtain sensitive information. CVE-2026-34180 Pavol Zacik and Alex Gaynor discovered that OpenSSL...

9.8CVSS6.1AI score
Exploits0
Cvelist
Cvelist
added yesterday10 views

CVE-2026-34183 Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

Exploits0References5
CVE
CVE
added yesterday9 views

CVE-2026-34183

CVE-2026-34183 describes an unbounded memory growth vulnerability in the QUIC PATH_CHALLENGE handler. A remote peer can flood a QUIC stack (client or server) with PATH_CHALLENGE frames, causing the stack to allocate a PATH_RESPONSE for each challenge. Those PATH_RESPONSE frames are freed only aft...

5.5AI score
Exploits0References5
OSV
OSV
added yesterday2 views

UBUNTU-CVE-2026-34183

Unbounded Memory Growth in the QUIC PATHCHALLENGE Handler...

5.4AI score
Exploits0References4
OSV
OSV
added yesterday2 views

UBUNTU-CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00037EPSS
Exploits0References5
OSV
OSV
added 2 days ago3 views

GHSA-5XRH-QMMQ-W6CH Netty: SCTP reassembly nests buffers without bound

For each non-complete SctpMessage fragment the handler does fragments.putstreamId, Unpooled.wrappedBufferfrag, byteBuf, wrapping the previous accumulator and the new slice into a new CompositeByteBuf every time. After N fragments the accumulator is an N-deep chain of composites, each holding...

7.5CVSS5.7AI score
Exploits0References4
OSV
OSV
added 2 days ago4 views

DEBIAN-CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00037EPSS
Exploits0References1
NVD
NVD
added 2 days ago3 views

CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS0.00037EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-43973

A flaw was found in gun. A malicious server can exploit this uncontrolled resource consumption vulnerability by sending a partial HTTP/1.1 response that never completes. This causes the client's memory buffer to grow without bounds, leading to unbounded heap growth and potentially exhausting all...

8.7CVSS5.7AI score0.0004EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2 days ago3 views

CVE-2026-11611 389-ds-base: 389-ds-base: content sync plugin unbounded queue growth and race conditions

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00037EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00037EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-35129

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00037EPSS
Exploits0References3
CVE
CVE
added 2 days ago10 views

CVE-2026-11611

CVE-2026-11611 concerns the Content Synchronization persistent search plugin in 389 Directory Server. The flaw enables denial of service via unbounded memory growth when an authenticated client stops reading sync responses, and there are additional race conditions in the plugin thread lifecycle t...

6.5CVSS5.4AI score0.00037EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-11611 389-ds-base: 389-ds-base: content sync plugin unbounded queue growth and race conditions

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS0.00037EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00037EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2 days ago4 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3334 (ALAS-2026-3334)

The version of nerdctl installed on the remote host is prior to 2.2.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3334 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory...

10CVSS5.8AI score0.00068EPSS
Exploits0References28
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-47625

Impact PROXY protocol support for Puma was added in version 5.5.0. When PROXY protocol v1 support is enabled, Puma reads incoming bytes into an internal buffer. It waits for "r " to determine whether a PROXY v1 line is present. If an attacker opens a TCP connection and continuously sends bytes...

7.5CVSS5.9AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-47339

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00037EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-47611

For each non-complete SctpMessage fragment the handler does fragments.putstreamId, Unpooled.wrappedBufferfrag, byteBuf, wrapping the previous accumulator and the new slice into a new CompositeByteBuf every time. After N fragments the accumulator is an N-deep chain of composites, each holding...

7.5CVSS5.7AI score
Exploits0References5
Rows per page
Query Builder