Lucene search
K

3440 matches found

EUVD
EUVD
added yesterday7 views

EUVD-2026-42719

A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...

8.2CVSS6AI score0.00381EPSS
Exploits0References2
NVD
NVD
added 2 days ago7 views

CVE-2026-57030

A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...

8.2CVSS0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57030 Junos OS: SRX Series: Flow sessions are not getting cleared leading to a DoS

A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...

8.2CVSS0.00381EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-57030

A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...

8.2CVSS6AI score0.00381EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-33800

An Unchecked Input for Loop Condition vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.Micro-BFD session flaps generate respective up/down events which are queued by PFEMAN for...

7.1CVSS5.9AI score0.00269EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-33800 Junos OS: MX Series: In a VC scenario a high rate of micro-BFD session flaps will cause an FPC crash

An Unchecked Input for Loop Condition vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.Micro-BFD session flaps generate respective up/down events which are queued by PFEMAN for...

7.1CVSS0.00269EPSS
Exploits0References1
NVD
NVD
added 2 days ago10 views

CVE-2026-51599

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

9.8CVSS0.00182EPSS
Exploits0References1
CVE
CVE
added 2 days ago10 views

CVE-2026-51599

CVE-2026-51599 affects MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n. The issue is an insufficient input validation in the RTSP service where an RTSP request with a Content-Length header but no body causes the RTSP parser to enter a body-waiting state, leading to the connection being silently c...

9.8CVSS6AI score0.00182EPSS
Exploits0References1
NVD
NVD
added 3 days ago7 views

CVE-2026-55470

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.10, the fix for CVE-2026-45367 incompletely patched the DSTU2 module, leaving FHIRPathEngine.matches in org.hl7.fhir.dstu2/utils/FHIRPathEngine.java to call raw String.matchessw...

7.5CVSS0.00354EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-55470 HAPI FHIR: DSTU2 FHIRPathEngine.matches() missing RegexTimeout protection allows ReDoS

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.10, the fix for CVE-2026-45367 incompletely patched the DSTU2 module, leaving FHIRPathEngine.matches in org.hl7.fhir.dstu2/utils/FHIRPathEngine.java to call raw String.matchessw...

7.5CVSS0.00354EPSS
Exploits0References3
CVE
CVE
added 3 days ago20 views

CVE-2026-55470

CVE-2026-55470 affects the DSTU2 module of HAPI FHIR (org.hl7.fhir.dstu2) where FHIRPathEngine.matches() still uses raw String.matches(sw) with no RegexTimeout, enabling unauthenticated attackers to trigger catastrophic regex backtracking and exhaust CPU. The issue is resolved by upgrading to 6.9...

7.5CVSS5.9AI score0.00354EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-55574 vLLM: ReDoS via structured_outputs.regex compiled without timeout in xgrammar and outlines backends

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, the structuredoutputs.regex API parameter passes a user-supplied regular expression string directly to the grammar compiler backends with no compilation timeout; in the xgrammar backend the stri...

8.7CVSS0.00324EPSS
Exploits0References3
CVE
CVE
added 5 days ago10 views

CVE-2026-55574

CVE-2026-55574 affects vLLM prior to 0.24.0, where structured_outputs.regex passes an unguarded user-supplied regex to grammar backends (xgrammar and outlines). In xgrammar, the string reaches the regex compiler without a timeout guard; in outlines, validation overlooks regex complexity (e.g., ne...

8.7CVSS5.9AI score0.00324EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/07/03 9:16 p.m.5 views

CVE-2026-26307

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

7.5CVSS0.00466EPSS
Exploits0References4
CVE
CVE
added 2026/07/03 8:19 p.m.13 views

CVE-2026-26307

CVE-2026-26307 affects Gitea versions before 1.25.5. The vulnerability arises because the git grep searches do not enforce a timeout, allowing expensive searches to consume server resources and cause a DoS condition. Affected component: the Git subsystem within Gitea (as noted in multiple sources...

7.5CVSS6AI score0.00466EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.5 views

CVE-2026-26307

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

6AI score0.00466EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.35 views

CVE-2026-26307 Gitea git grep search lacks a timeout

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

0.00466EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/03 8:19 p.m.6 views

EUVD-2026-41631

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

6AI score0.00466EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 12:0 a.m.4 views

UBUNTU-CVE-2026-53358

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: use chan timer to close channels in cleanuplisten l2capchanclose removes the channel from conn-chanl, which must be done under conn-lock. cleanuplisten runs under the parent sklock, so acquiring conn-lock would...

5.8AI score0.00165EPSS
Exploits0References11
OSV
OSV
added 2026/07/02 8:12 p.m.2 views

GHSA-65JJ-FMW8-468Q zebrad has unbounded memory leak in mempool download pipeline via timeout path cancel_handles retention

Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections network.listenaddr is set, which is the default. 3. Your node's mempool is active node is synced near the chain tip. All default configurations are affected. Summary The...

5.3CVSS5.7AI score
Exploits0References4
Rows per page
Query Builder