Lucene search
K

6158 matches found

NVD
NVD
added yesterday4 views

CVE-2026-42486

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-23562

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-23559

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
RedHat Linux
RedHat Linux
added yesterday3 views

netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads

A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by sending specially crafted Redis payloads across multiple connections without proper termination. This can exhaust the server's direct memory pool, leading to a Denial of Service DoS condition where legitima...

7.5CVSS5.9AI score0.00371EPSS
Exploits0References7
EUVD
EUVD
added yesterday4 views

EUVD-2026-42608

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.2AI score
Exploits0References1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-42486 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-42607

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.2AI score
Exploits0References1
Cvelist
Cvelist
added yesterday17 views

CVE-2026-23562 Multiple RBAC issues in XAPI

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-42603

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.3AI score
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-42602

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS7.3AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 4 days ago5 views

undici: undici: Information disclosure and data integrity issues due to incorrect Socks5ProxyAgent connection routing

A flaw was found in undici. When using Socks5ProxyAgent, undici incorrectly reuses a single connection pool across different origins. This can lead to cross-origin request routing, where sensitive credentials and data intended for one destination are sent to another. Consequently, responses from...

8.8CVSS6.6AI score0.00323EPSS
Exploits0References6
CVE
CVE
added 6 days ago23 views

CVE-2026-14647

ONNX Runtime (onnxruntime) up to 1.21.x is affected by CVE-2026-14647 due to a weakness in convPoolShapeInference_opset19 in ONNX’s old.cc (onnx/defs/nn). The root cause is an out-of-bounds read introduced in this path, enabling remote exploitation. Public exploits exist per the description. Reme...

5.3CVSS5.5AI score0.00253EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 6 days ago10 views

PT-2026-55726

Name of the Vulnerable Software and Affected Versions onnx versions prior to 1.22.0 Description A weakness in the onnxruntime component allows for a remote out-of-bounds read. This occurs within the convPoolShapeInference opset19 function located in the onnx/defs/nn/old.cc file. Recommendations...

5.3CVSS6AI score0.00253EPSS
Exploits0References12
Snyk
Snyk
added 2026/07/03 8:18 a.m.6 views

Authentication Bypass by Primary Weakness

Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness in the connection pool process. An attacker can bypass intended certificate validation by reusing a handle that initially used the default native CA trust and then switching it to custom CA...

9.1CVSS6AI score0.0061EPSS
Exploits1References2
NVD
NVD
added 2026/07/03 7:16 a.m.7 views

CVE-2026-11564

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...

9.1CVSS0.0061EPSS
Exploits1References3
CVE
CVE
added 2026/07/03 6:16 a.m.17 views

CVE-2026-8932

CVE-2026-8932 : The vulnerability describes incomplete mTLS config matching in libcurl’s connection reuse logic. A previously used TLS client-certificate-related setting (notably the private key) was omitted from the configuration match checks, causing connections in the pool to be reused even wh...

7.5CVSS6.2AI score0.00368EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/07/03 6:16 a.m.7 views

EUVD-2026-41509

libcurl would reuse a previously created connection even when some mTLS config related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, some TLS...

6.2AI score0.00368EPSS
Exploits1References3
CVE
CVE
added 2026/07/03 6:14 a.m.16 views

CVE-2026-8458

CVE-2026-8458 affects libcurl where, under Negotiate-authenticated requests, a logical error can cause a reused connection to be authenticated for a different service. This could allow a request to be served using credentials for another service, impacting integrity (high) and potentially exposin...

6.5CVSS6AI score0.00543EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/07/03 6:14 a.m.45 views

CVE-2026-8458 wrong reuse for different services

libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different 'services'. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When...

0.00543EPSS
Exploits1References3
EUVD
EUVD
added 2026/07/03 6:12 a.m.8 views

EUVD-2026-41499

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...

6AI score0.0061EPSS
Exploits1References3
Rows per page
Query Builder