Lucene search
K

1376 matches found

NVD
NVD
added yesterday5 views

CVE-2026-40007

Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...

7.5CVSS0.00139EPSS
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-40007

CVE-2026-40007 affects Apache IoTDB. The issue is an uncontrolled recursion in the AirGap receiver: when pipe_air_gap_receiver_enabled is true, readLength recursively processes E-language prefixes with no depth limit, allowing an unauthenticated attacker to exhaust the receiver thread’s JVM stack...

7.5CVSS6.1AI score0.00139EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday6 views

CVE-2026-40007 Apache IoTDB: Unauthenticated unbounded recursion in IoTDB AirGap receiver's E-language prefix parser causes per-connection StackOverflowError

Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...

0.00139EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-40007

Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...

7.5CVSS6.1AI score0.00139EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added yesterday6 views

EUVD-2026-42835

Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...

7.5CVSS6.1AI score0.00139EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-40006 Apache IoTDB: Unauthenticated heap-exhaustion DoS via unbounded allocation in IoTDB AirGap pipe receiver

Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no...

0.00177EPSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-40006

CVE-2026-40006 affects Apache IoTDB: when pipe_air_gap_receiver_enabled is true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 without authentication. The readLength method reads an attacker-controlled 32-bit integer from the socket and passes it to new byte[length] with...

7.5CVSS6.1AI score0.00177EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-40006

Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no...

7.5CVSS6.1AI score0.00177EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added yesterday6 views

EUVD-2026-42834

Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no...

7.5CVSS6.1AI score0.00177EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 9:16 p.m.5 views

CVE-2026-58460

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...

7.7CVSS0.00138EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 8:10 p.m.13 views

CVE-2026-58460

CVE-2026-58460 affects the React Native package react-native-receive-sharing-intent. A path traversal vulnerability allows a co-resident malicious app to write files outside the intended cache directory by supplying a crafted _display_name with dot-dot path components via a malicious ContentProvi...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 8:10 p.m.7 views

EUVD-2026-41437

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40584

Use after free in Cast Receiver in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00413EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-13898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Cast Receiver in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...

8.8CVSS6.4AI score0.00413EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-13898

Use after free in Cast Receiver in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.9 views

CVE-2026-13898

Use after free in Cast Receiver in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00413EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.26 views

CVE-2026-13898

Use after free in Cast Receiver in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.00413EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.15 views

CVE-2026-13898

CVE-2026-13898 affects Google Chrome’s Cast Receiver. A use-after-free flaw in the Cast Receiver component can be triggered by a crafted HTML page, enabling a remote attacker to execute arbitrary code inside the sandbox. Affected are Chrome versions prior to 150.0.7871.47; exploitation requires n...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13898

Use after free in Cast Receiver in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00413EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54175

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in the Cast Receiver component. This occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. A remot...

9.6CVSS6.3AI score0.00413EPSS
Exploits0References438
Rows per page
Query Builder