
126356 matches found

EUVD
added 2 days ago, 4 views

EUVD-2026-40284

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

CVSS 7.5, AI score 6, EPSS 0.00524
Exploits 0, References 1
CVE
added 2 days ago, 7 views

CVE-2026-50734

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, and Apache ActiveMQ All allows an unauthenticated network attacker to cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The broker may allocate memor...

CVSS 7.5, AI score 5.7, EPSS 0.00524
Exploits 0, References 2
Cvelist
added 2 days ago, 32 views

CVE-2026-50750 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270, an unauthenticated attacker can now cause broker OOM by sending repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

EPSS 0.00495
Exploits 0, References 1
Cvelist
added 2 days ago, 33 views

CVE-2026-53916 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate, which makes the broker buffer them without limit, exhausting the JVM hea...

EPSS 0.00524
Exploits 0, References 1
CVE
added 2 days ago, 7 views

CVE-2026-53917

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message...

CVSS 7.5, AI score 5.7, EPSS 0.00524
Exploits 0, References 2
EUVD
added 2 days ago, 5 views

EUVD-2026-40275

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server...

CVSS 7, AI score 5.8, EPSS 0.00347
Exploits 0, References 1
Cvelist
added 2 days ago, 29 views

CVE-2026-10763

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server...

CVSS 7, EPSS 0.00347
Exploits 0, References 1
CVE
added 2 days ago, 11 views

CVE-2026-10763

PROMOD V uses insecure HTTP due to missing HTTPS support from a 3rd party Digipede server. Concrete details available: the issue is a lack of HTTPS causing exposure over network. CVSS metrics indicate HIGH confidentiality impact and overall HIGH severity (7.0). Exploitation specifics, affected ve...

CVSS 7, AI score 5.8, EPSS 0.00347
Exploits 0, References 1
NVD
added 2 days ago, 9 views

CVE-2026-12818

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling (CWE-770) within their Modbus TCP service...

CVSS 9.3, EPSS 0.00253
Exploits 0, References 1
RedHat Linux
added 2 days ago, 5 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP (Transmission Control Protocol) IPv6 (Internet Protocol version 6) socket handling, specifically within the tcp_v6_syn_recv_sock() function. This occurs because a child socket becomes visible in the TCP hash table before its...

CVSS 9.8, AI score 6.5, EPSS 0.0028
Exploits 0, References 5
RedHat Linux
added 3 days ago, 3 views

mariadb: MariaDB server: SQL injection vulnerability via improper handling of big5 character set with mysql_real_escape_string()

A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysql_real_escape_string() and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...

CVSS 9.8, AI score 5.9, EPSS 0.00319
Exploits 0, References 6
NVD
added 3 days ago, 9 views

CVE-2026-55957

Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without providing the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1...

CVSS 7.3, EPSS 0.00252
Exploits 0, References 2
CVE
added 3 days ago, 8 views

CVE-2026-13763

This CVE affects AWS Application Load Balancer (ALB) with AWS WAF enabled, where inconsistent interpretation of HTTP/2 requests can allow bypass of WAF body inspection when the request body is fragmented across frames, leading to partial inspection. Affected component: HTTP/2 ALB target groups; r...

CVSS 9.8, AI score 5.8, EPSS 0.00498
Exploits 0, References 2, Affected Software 1
RedHat Linux
added 3 days ago, 4 views

kernel: net/ipv6: ioam6: prevent schema length wraparound in trace fill

A flaw was found in the Linux kernel's IPv6 In-situ Operations, Administration, and Maintenance (IOAM6) trace fill functionality. An integer overflow vulnerability exists in the ioam6_fill_trace_data function, where the schema length calculation can wrap around due to being stored in an 8-bit unsigned...

CVSS 9.8, AI score 6.9, EPSS 0.00409
Exploits 0, References 5
RedHat Linux
added 3 days ago, 4 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP (Transmission Control Protocol) IPv6 (Internet Protocol version 6) socket handling, specifically within the tcp_v6_syn_recv_sock() function. This occurs because a child socket becomes visible in the TCP hash table before its...

CVSS 9.8, AI score 6.5, EPSS 0.0028
Exploits 0, References 5
RedHat Linux
added 3 days ago, 5 views

firefox: thunderbird: Use-after-free in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Networking: HTTP component...

CVSS 8.8, AI score 5.7, EPSS 0.00382
Exploits 0, References 6
RedHat Linux
added 3 days ago, 4 views

httpd: mod_md: unrestricted OCSP response leads to resource exhaustion

A flaw was found in the mod_md module of httpd. When processing OCSP (Online Certificate Status Protocol) responses from a malicious or compromised OCSP responder, the module fails to enforce proper size limits on the incoming data. This issue leads to memory exhaustion and a denial of service...

CVSS 7.3, AI score 7, EPSS 0.00628
Exploits 0, References 5
RedHat Linux
added 3 days ago, 5 views

Moderate: Red Hat Security Advisory: mod_md security update

An update for mod_md is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 7.3, AI score 7, EPSS 0.00628
Exploits 0, References 2
ATTACKERKB
added 3 days ago, 4 views

CVE-2026-58000

luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, contains a command injection vulnerability in the generateKey ubus method where the clmeta parameter is interpolated into a shell command without proper escaping or quoting. An authenticated LuCI user with OpenVPN protocol configuration...

CVSS 8.8, AI score 6, EPSS 0.01401
Exploits 0, References 4
EUVD
added 3 days ago, 5 views

EUVD-2026-40172

luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, contains a command injection vulnerability in the generateKey ubus method where the clmeta parameter is interpolated into a shell command without proper escaping or quoting. An authenticated LuCI user with OpenVPN protocol configuration...

CVSS 8.8, AI score 6, EPSS 0.01401
Exploits 0, References 3