3440 matches found
EUVD-2026-42719
A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...
CVE-2026-57030
A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...
CVE-2026-57030 Junos OS: SRX Series: Flow sessions are not getting cleared leading to a DoS
A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...
CVE-2026-57030
A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...
CVE-2026-33800
An Unchecked Input for Loop Condition vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.Micro-BFD session flaps generate respective up/down events which are queued by PFEMAN for...
CVE-2026-33800 Junos OS: MX Series: In a VC scenario a high rate of micro-BFD session flaps will cause an FPC crash
An Unchecked Input for Loop Condition vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.Micro-BFD session flaps generate respective up/down events which are queued by PFEMAN for...
CVE-2026-51599
An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...
CVE-2026-51599
CVE-2026-51599 affects MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n. The issue is an insufficient input validation in the RTSP service where an RTSP request with a Content-Length header but no body causes the RTSP parser to enter a body-waiting state, leading to the connection being silently c...
CVE-2026-55470
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.10, the fix for CVE-2026-45367 incompletely patched the DSTU2 module, leaving FHIRPathEngine.matches in org.hl7.fhir.dstu2/utils/FHIRPathEngine.java to call raw String.matchessw...
CVE-2026-55470 HAPI FHIR: DSTU2 FHIRPathEngine.matches() missing RegexTimeout protection allows ReDoS
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.10, the fix for CVE-2026-45367 incompletely patched the DSTU2 module, leaving FHIRPathEngine.matches in org.hl7.fhir.dstu2/utils/FHIRPathEngine.java to call raw String.matchessw...
CVE-2026-55470
CVE-2026-55470 affects the DSTU2 module of HAPI FHIR (org.hl7.fhir.dstu2) where FHIRPathEngine.matches() still uses raw String.matches(sw) with no RegexTimeout, enabling unauthenticated attackers to trigger catastrophic regex backtracking and exhaust CPU. The issue is resolved by upgrading to 6.9...
CVE-2026-55574 vLLM: ReDoS via structured_outputs.regex compiled without timeout in xgrammar and outlines backends
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, the structuredoutputs.regex API parameter passes a user-supplied regular expression string directly to the grammar compiler backends with no compilation timeout; in the xgrammar backend the stri...
CVE-2026-55574
CVE-2026-55574 affects vLLM prior to 0.24.0, where structured_outputs.regex passes an unguarded user-supplied regex to grammar backends (xgrammar and outlines). In xgrammar, the string reaches the regex compiler without a timeout guard; in outlines, validation overlooks regex complexity (e.g., ne...
CVE-2026-26307
Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...
CVE-2026-26307
CVE-2026-26307 affects Gitea versions before 1.25.5. The vulnerability arises because the git grep searches do not enforce a timeout, allowing expensive searches to consume server resources and cause a DoS condition. Affected component: the Git subsystem within Gitea (as noted in multiple sources...
CVE-2026-26307
Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...
CVE-2026-26307 Gitea git grep search lacks a timeout
Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...
EUVD-2026-41631
Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...
UBUNTU-CVE-2026-53358
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: use chan timer to close channels in cleanuplisten l2capchanclose removes the channel from conn-chanl, which must be done under conn-lock. cleanuplisten runs under the parent sklock, so acquiring conn-lock would...
GHSA-65JJ-FMW8-468Q zebrad has unbounded memory leak in mempool download pipeline via timeout path cancel_handles retention
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections network.listenaddr is set, which is the default. 3. Your node's mempool is active node is synced near the chain tip. All default configurations are affected. Summary The...