Lucene search
K

84 matches found

OSV
OSV
added 2026/07/02 4:6 p.m.3 views

EEF-CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret

Summary Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls\server\connection:initial\hello/3 initializes previous\cookie\secret...

6.3CVSS5.8AI score0.00243EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-14330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple unbounded alloca calls in the PulseAudio protocol server. CVE-2026-14330 Note that Nessus relies on the presence of the package as reported by the...

5.5CVSS6.1AI score0.001EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 3:17 p.m.12 views

CVE-2026-14330

Multiple unbounded alloca calls in the PulseAudio protocol server...

5.5CVSS0.001EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 3:17 p.m.3 views

DEBIAN-CVE-2026-14330

Multiple unbounded alloca calls in the PulseAudio protocol server...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 3:17 p.m.3 views

UBUNTU-CVE-2026-14330

Multiple unbounded alloca calls in the PulseAudio protocol server...

5.5CVSS5.9AI score0.001EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:9 p.m.4 views

CVE-2026-14330

Multiple unbounded alloca calls in the PulseAudio protocol server...

5.5CVSS5.8AI score0.001EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 2:9 p.m.8 views

EUVD-2026-41007

Multiple unbounded alloca calls in the PulseAudio protocol server...

5.5CVSS5.8AI score0.001EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/01 2:9 p.m.5 views

CVE-2026-14330

Multiple unbounded alloca calls in the PulseAudio protocol server. Mitigation No practical mitigation beyond upgrading. The PulseAudio protocol server is a core module required for PulseAudio application compatibility...

5.5CVSS5.8AI score0.001EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.15 views

PT-2026-51507

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description Multiple OS command injection issues exist in the Custom MCP Server feature. These occur due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker wi...

9.9CVSS6.2AI score0.02683EPSS
Exploits1References12
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/22 5:57 a.m.54 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2026-24072, CVE-2026-28780, CVE-2026-34059, CVE-2026-33523, CVE-2026-41080, CVE-2026-33857, CVE-2026-34032]

Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2026-24072, CVE-2026-28780, CVE-2026-34059, CVE-2026-33523, CVE-2026-41080, CVE-2026-33857, CVE-2026-34032...

9.8CVSS5.8AI score0.01376EPSS
Exploits1Affected Software1
EUVD
EUVD
added 2026/05/13 6:30 p.m.10 views

EUVD-2026-30004

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 2:12 p.m.33 views

CVE-2026-42920 BIG-IP DTLS Vulnerability

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00263EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.13 views

PT-2026-40675

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 F5 BIG-IP versions prior to 21.0.0.1 Description When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic ca...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/28 1:22 a.m.5 views

CVE-2026-30350

An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service DoS via a crafted POST request...

7.5CVSS5.3AI score0.00366EPSS
Exploits0References1
NVD
NVD
added 2026/04/27 3:16 p.m.10 views

CVE-2026-30350

An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service DoS via a crafted POST request...

7.5CVSS0.00366EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/27 12:0 a.m.32 views

CVE-2026-30350

An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service DoS via a crafted POST request...

0.00366EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.7 views

PT-2026-35433

An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service DoS via a crafted POST request...

5.3AI score0.00366EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/27 12:0 a.m.7 views

EUVD-2026-25855

An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service DoS via a crafted POST request...

7.5CVSS5.3AI score0.00366EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/27 12:0 a.m.5 views

CVE-2026-30350

An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service DoS via a crafted POST request...

5.3AI score0.00366EPSS
Exploits0References2
CVE
CVE
added 2026/04/27 12:0 a.m.16 views

CVE-2026-30350

Technical details are not publicly available in the provided documents. Monitor updates from primary sources for affected components, exact versions, and remediation guidance.

7.5CVSS5.3AI score0.00366EPSS
Exploits0References2
Rows per page
Query Builder