Lucene search
K

1400 matches found

Vulnrichment
Vulnrichment
added 2026/06/10 12:41 p.m.9 views

CVE-2026-52756 Ghidra < 12.2 - Unauthenticated Path Traversal in Debugger ISF Server

Ghidra before 12.2 contains an unauthenticated path traversal vulnerability in the IsfServer that accepts TCP connections and passes client-supplied namespace strings directly to filesystem operations without validation. Remote attackers can connect to port 54321 and send crafted protobuf message...

6.3CVSS5.6AI score0.00457EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.16 views

ESP-IDF 安全漏洞

ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0 of ESP-IDF contain security vulnerabilities. These vulnerabilities stem from a buffer overflow in the session setting path of the protocomm...

7.1CVSS6AI score0.00325EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.10 views

EulerOS 2.0 SP11 : protobuf (EulerOS-SA-2026-2223)

According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypasse...

8.2CVSS6.5AI score0.00613EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.10 views

EulerOS 2.0 SP11 : protobuf (EulerOS-SA-2026-2260)

According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypasse...

8.2CVSS6.5AI score0.00613EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.10.0 : protobuf (EulerOS-SA-2026-2059)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

8.2CVSS6.5AI score0.00613EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.13.0 : protobuf (EulerOS-SA-2026-2182)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

8.2CVSS6.5AI score0.00613EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.8 views

EulerOS Virtualization 2.12.0 : protobuf (EulerOS-SA-2026-2109)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

8.2CVSS6.5AI score0.00613EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

EulerOS Virtualization 2.12.1 : protobuf (EulerOS-SA-2026-2084)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

8.2CVSS6.5AI score0.00613EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.13.1 : protobuf (EulerOS-SA-2026-2143)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

8.2CVSS5.6AI score0.00613EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.11 views

CVE-2026-40891

OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry over gRPC using the OpenTelemetry Protocol OTLP, the exporter may parse a server-provided grpc-status-details-bin trailer during retry handling. Prior to the fix, a malformed trailer could...

5.3CVSS5.4AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.11 views

CVE-2026-6409

A Denial of Service DoS vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or deep recursion—can be used to crash the application, impacting service availability...

7.1CVSS5.4AI score0.0036EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.12 views

PT-2026-48345

Summary Every transaction gossiped on the klever-go P2P network is decoded and validated synchronously inside the libp2p pubsub topic-validator callback. The validator txVersionChecker.CheckTxVersion dereferences tx.RawData.Version with no nil check. A protobuf Transaction whose embedded RawData...

7.5CVSS5.5AI score0.00058EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 8:56 a.m.9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.21.12-cp37-abi3-manylinux2014_x86_64.whl and protobuf-4.25.7-cp37-abi3-manylinux2014_x86_64.whl which is vulnerable to CVE-2025-4565

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.21.12-cp37-abi3-manylinux2014x8664.whl and protobuf-4.25.7-cp37-abi3-manylinux2014x8664.whl which is vulnerable to CVE-2025-4565.This bulletin contains information addressing the vulnerability. Vulnerabili...

8.2CVSS6.5AI score0.00281EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 8:54 a.m.8 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.25.3-cp37-abi3-manylinux2014_x86_64.whl, protobuf-6.33.4-cp39-abi3-manylinux2014_x86_64.whl which is vulnerable to CVE-2026-0994

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.25.3-cp37-abi3-manylinux2014x8664.whl, protobuf-6.33.4-cp39-abi3-manylinux2014x8664.whl which is vulnerable to CVE-2026-0994.This...

8.2CVSS6.6AI score0.00613EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/27 4:13 a.m.15 views

SUSE CVE-2023-43632

As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients. VTPM allows clients to execute tpm2-tools binaries from a list of hardcoded options” The communication with this server is done using...

9.9CVSS7.3AI score0.00541EPSS
Exploits0References3
Veracode
Veracode
added 2026/05/23 5:55 a.m.13 views

Denial Of Service (DoS)

Wire is vulnerable to Denial of Service DoS. The vulnerability is due to improper validation of negative lengths in protobuf group-skipping logic, which allows an attacker to trigger an unchecked runtime exception and crash applications processing crafted protobuf payloads...

5.8AI score0.00055EPSS
Exploits0References5Affected Software2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in protobuf-c, libsignal-protocol-c

Protobuf-c before version 1.4.1 has an unsigned integer overflow in the parserequiredmember field...

5.5CVSS6.3AI score0.00369EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in protobuf

A parsing vulnerability exists for the MessageSet type in ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1, and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1, and 4.21.5 for protobuf-python. A specially...

7.5CVSS6.8AI score0.01191EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in protobuf

A issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in a way that would cause them to be processed out of order. A small malicious payload can occupy the parser for several minutes by creating a large number of short-lived objects, resulting in frequent...

7.5CVSS6.6AI score0.01655EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in protobuf

Any project that uses the Protobuf Pure-Python backend to parse untrusted Protocol Buffers data—which may contain an arbitrary number of recursive groups, recursive messages, or a series of SGROUP tags—can be corrupted when the Python recursion limit is exceeded. This can lead to a...

8.2CVSS6.3AI score0.00281EPSS
Exploits0References2
Rows per page
Query Builder