Lucene search
+L

809 matches found

attackerkb
attackerkb
added yesterday3 views

CVE-2026-56434

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS6.1AI score
Exploits0References2Affected Software2
cve
cve
added yesterday35 views

CVE-2026-59762

CVE-2026-59762 affects BIG-IP’s TMM when an HTTP/2 profile is configured on a virtual server. Affected: HTTP/2 profile handling can cause undisclosed requests to increase memory resource utilization, leading to degraded system performance and potential DoS. This is a remote, unauthenticated data-...

8.7CVSS6.1AI score
Exploits0References1
nessus
nessus
added 2026/07/09 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-14454

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as...

9.8CVSS6.2AI score0.00394EPSS
Exploits0References3
osv
osv
added 2026/07/08 1:49 p.m.4 views

CVE-2026-56362 ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization

ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting a...

2.1CVSS6.1AI score0.00188EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/06/29 7:43 p.m.7 views

CVE-2026-43706

A double free issue was addressed with improved memory management. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

5.8AI score0.00182EPSS
Exploits0References3
osv
osv
added 2026/06/25 1:15 p.m.9 views

USN-8471-1 containerd vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu...

9.4CVSS6.4AI score0.00781EPSS
Exploits0References4
cve
cve
added 2026/06/25 12:23 p.m.11 views

CVE-2026-40210

CVE-2026-40210 describes an out-of-bounds read that may occur when SetMacAddrAction is used. This could lead to uninitialized memory being sent over the network or to a crash. The CVSSv3.1 vector is AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L with a base score of 4.8 (MEDIUM). Exploitation details are no...

4.8CVSS5.9AI score0.00336EPSS
Exploits0References1
osv
osv
added 2026/06/24 9:32 a.m.4 views

SUSE-SU-2026:22462-1 Security update for the Linux Kernel (Live Patch 19 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-42.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-3150...

9.8CVSS7AI score0.03663EPSS
Exploits25References18
osv
osv
added 2026/06/24 9:30 a.m.5 views

USN-8466-1 libdbi-perl vulnerabilities

It was discovered that the Perl DBI module incorrectly handled certain error messages. An attacker could use this issue to cause applications using the Perl DBI module to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-9698 It was discovered that the Perl DBI...

9.8CVSS6.2AI score0.00452EPSS
Exploits0References3
ubuntu
ubuntu
added 2026/06/22 5:10 p.m.5 views

USN-8460-1: libxml2 vulnerabilities

It was discovered that libxml2 did not properly release memory allocated in the xmllint utility. An attacker could possibly use this issue to cause a denial of service. CVE-2026-1757 A type confusion vulnerability was found in libxml2 when processing a specially crafted XML document. A remote...

7.5CVSS5.8AI score0.00632EPSS
Exploits1
osv
osv
added 2026/06/20 6:49 a.m.2 views

SUSE-SU-2026:22189-1 Security update for perl-HTML-Parser

This update for perl-HTML-Parser fixes the following issue - CVE-2026-8829: HTML:Entities versions before 3.84 for Perl read freed heap memory in decodeentities bsc1267606...

7.5CVSS5.8AI score0.0031EPSS
Exploits0References3
redos
redos
added 2026/06/10 12:0 a.m.13 views

ROS-20260610-73-0004

The vulnerability in Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS5.9AI score0.00363EPSS
Exploits0
nessus
nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.13.1 : glibc (EulerOS-SA-2026-2127)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version...

8.4CVSS7.5AI score0.00564EPSS
Exploits1References4
redhatcve
redhatcve
added 2026/06/05 7:32 p.m.12 views

CVE-2026-6052

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables...

7.5CVSS5.4AI score0.00243EPSS
Exploits0References1
rocky
rocky
added 2026/06/05 12:4 p.m.17 views

mod_http2 security update

An update is available for modhttp2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top o...

7.5CVSS6.8AI score0.04409EPSS
Exploits1
oraclelinux
oraclelinux
added 2026/06/05 12:0 a.m.12 views

ImageMagick security update

6.9.10.68-7.0.11 - Fix CVE-2026-32636 Orabug: 39375225 6.9.10.68-7.0.9 - Fix CVE-2026-28691 and CVE-2026-28693 Orabug: 39174244 6.9.10.68-7.0.7 - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the internal...

7.5CVSS5.4AI score0.00475EPSS
Exploits0
nessus
nessus
added 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-47319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows Excessive Allocation. This issue affects rlottie: before...

6.1CVSS6.2AI score0.00103EPSS
Exploits0References2
osv
osv
added 2026/06/04 11:16 p.m.9 views

DEBIAN-CVE-2026-10941

Out of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00419EPSS
Exploits0References1
redhat
redhat
added 2026/06/04 1:19 p.m.13 views

Important: Red Hat Security Advisory: redis security update

An update for redis is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.8CVSS6.4AI score0.02995EPSS
Exploits0References2
nessus
nessus
added 2026/06/03 12:0 a.m.10 views

AlmaLinux 8 : httpd:2.4 (ALSA-2026:22140)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22140 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in...

9.8CVSS6.4AI score0.04409EPSS
Exploits1References8
Rows per page
Query Builder