Lucene search

4227 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If the start stream fails, the buffers should be returned with the state “VB2_BUF_STATE_QUEUED”. Currently, buffers are returned with the state “VB2_BUF_STATE_ERROR”, which is incorrect. This issue has been fixed. This...

CVSS 5.5 | AI score 5.6 | EPSS 0.00253
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in OpenSSL

The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support SMIME, CMS, and PKCS7 streaming capabilities. However, it can also be called directly by end-user applications. This function receives a BIO from...

CVSS 7.5 | AI score 7 | EPSS 0.04494
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m. | 7 views

Astra Linux – Vulnerability in Wireshark

RTSP protocol dissector crashes in Wireshark versions 4.6.0 to 4.6.4...

CVSS 5.5 | AI score 5.8 | EPSS 0.00124
Exploits: 1 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m. | 10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2_is_streaming with vb2_start_streaming_called. The vsp1 driver uses the vb2_is_streaming function in its .buf_queue handler to check whether the .start_streaming operation has been called. It then decides whether t...

CVSS 5.5 | AI score 5.6 | EPSS 0.0015
Exploits: 0 | References: 2
Positive Technologies
added 2026/06/19 12:00 a.m. | 16 views

PT-2026-50889

Name of the Vulnerable Software and Affected Versions: NI grpc-device versions prior to 2.17.0. Description: An out-of-bounds read occurs in the NI grpc-device streaming API because of a missing bounds check. This issue can lead to a denial of service if an attacker provides a specially crafted writ...

CVSS 8.7 | AI score 5.9 | EPSS 0.00343
Exploits: 0 | References: 6
Positive Technologies
added 2026/06/19 12:00 a.m. | 12 views

PT-2026-51014

Name of the Vulnerable Software and Affected Versions: urllib3 version 2.6.3; Brotli version 1.2.0. Description: A decompression bomb bypass exists in the streaming API (preload_content=False) when Brotli support is used. This occurs because three independent code paths in response.py bypass the max...

CVSS 7.5 | AI score 7.4 | EPSS 0.00304
Exploits: 0 | References: 15
Positive Technologies
added 2026/06/19 12:00 a.m. | 21 views

PT-2026-50888

Name of the Vulnerable Software and Affected Versions: NI grpc-device versions prior to 2.17.0. Description: An untrusted pointer dereference exists in the sideband streaming API. This issue allows an attacker to trigger an arbitrary memory dereference, which could lead to remote code execution...

CVSS 9.8 | AI score 6.3 | EPSS 0.00549
Exploits: 0 | References: 7
Cvelist
added 2026/06/18 1:55 p.m. | 16 views

CVE-2026-12527

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-tim...

CVSS 6 | EPSS 0.00154
Exploits: 0 | References: 1
Positive Technologies
added 2026/06/18 12:00 a.m. | 12 views

PT-2026-50675

Name of the Vulnerable Software and Affected Versions: Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1 V1.0.6.020230803. Description: A broken authorization boundary in the RTSP Real Time Streaming Protocol, a network control protocol for delivering audio and video med...

CVSS 6 | AI score 5.8 | EPSS 0.00154
Exploits: 0 | References: 3
RedHat Linux
added 2026/06/17 11:38 a.m. | 10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.64 security and extras update

Red Hat OpenShift Container Platform release 4.16.64 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a security impact of...

CVSS 8.7 | AI score 5.5 | EPSS 0.00656
Exploits: 0 | References: 2
RedHat Linux
added 2026/06/16 7:39 a.m. | 7 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.1 security and extras update

Red Hat OpenShift Container Platform release 4.22.1 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a security impact of...

CVSS 8.7 | AI score 5.5 | EPSS 0.00656
Exploits: 0 | References: 2
CVE
added 2026/06/15 9:55 p.m. | 13 views

CVE-2026-48854

CVE-2026-48854 affects the elixir-grpc/grpc project. The vulnerability resides in Elixir.GRPC.Server.Adapters.Cowboy.Handler:read_full_body/3, which accumulates every received chunk into a growing binary with no size cap. If the grpc-timeout header is omitted, per-chunk read timeouts resolve ...

CVSS 8.7 | AI score 5.4 | EPSS 0.00344
Exploits: 0 | References: 4
OSV
added 2026/06/15 9:55 p.m. | 4 views

EEF-CVE-2026-48854 Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc

Summary: Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3...

CVSS 8.7 | AI score 5.4 | EPSS 0.00344
Exploits: 0 | References: 4
Fedora
added 2026/06/15 1:11 a.m. | 15 views

[SECURITY] Fedora 43 Update: python-python-multipart-0.0.32-1.fc43

Python-Multipart is a streaming multipart parser for Python...

AI score 5.3
Exploits: 0
Fedora
added 2026/06/15 12:51 a.m. | 10 views

[SECURITY] Fedora 44 Update: python-python-multipart-0.0.32-1.fc44

Python-Multipart is a streaming multipart parser for Python...

AI score 5.3
Exploits: 0
EUVD
added 2026/06/13 12:34 a.m. | 11 views

EUVD-2026-36621

OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders to mutate configuration without explicit allowFrom restrictions. Attackers can modify QQBot streaming configuration outside intended admin policy by reaching t...

CVSS 7.7 | AI score 5.2 | EPSS 0.00172
Exploits: 0 | References: 3
Snyk
added 2026/06/12 11:06 p.m. | 4 views

User Impersonation

Overview: @openclaw/qqbot is an OpenClaw QQ Bot channel plugin for group and direct-message workflows. Affected versions of this package are vulnerable to User Impersonation in the QQBot streaming command. An attacker can alter configuration settings by accessing the command without meeting explic...

CVSS 7.7 | AI score 5.9 | EPSS 0.00172
Exploits: 0 | References: 2
Snyk
added 2026/06/12 11:06 p.m. | 7 views

User Impersonation

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to User Impersonation in the QQBot streaming command. An attacker can alter configuration settings by accessing the command without meeting explicit allowlist entry requirements. Remediation...

CVSS 7.7 | AI score 5.9 | EPSS 0.00172
Exploits: 0 | References: 2
NVD
added 2026/06/12 10:16 p.m. | 10 views

CVE-2026-53833

OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders to mutate configuration without explicit allowFrom restrictions. Attackers can modify QQBot streaming configuration outside intended admin policy by reaching t...

CVSS 7.7 | EPSS 0.00172
Exploits: 0 | References: 2
Vulnrichment
added 2026/06/12 9:56 p.m. | 7 views

CVE-2026-53833 QQBot for OpenClaw < 2026.4.29 - Authorization Bypass via QQBot Streaming Command

OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders to mutate configuration without explicit allowFrom restrictions. Attackers can modify QQBot streaming configuration outside intended admin policy by reaching t...

CVSS 7.7 | AI score 5.2 | EPSS 0.00172
Exploits: 0 | References: 2