
100 matches found

Cvelist • added 5 days ago • 37 views

CVE-2026-22078 O+ Connect's lack of authentication for IPC channels led to a local privilege escalation vulnerability.

Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...

CVSS 7.3 • EPSS 0.00089 • Exploits 0 • References 1

RedhatCVE • added 2026/05/29 8:13 a.m. • 18 views

CVE-2026-9137

The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...

CVSS 7.5 • AI score 5.7 • EPSS 0.00365 • Exploits 0 • References 1

NVD • added 2026/05/20 8:16 p.m. • 11 views

CVE-2026-9137

The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...

CVSS 7.5 • EPSS 0.00365 • Exploits 0 • References 1

EUVD • added 2026/05/20 6:43 p.m. • 13 views

EUVD-2026-31155

The CSP report endpoint intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource exhaustion...

CVSS 5.1 • AI score 5.7 • EPSS 0.00365 • Exploits 0 • References 1

Cvelist • added 2026/05/20 6:43 p.m. • 33 views

CVE-2026-9137 CSP Report Endpoint Log Flooding in MISP via Incorrect Size Limit

The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...

CVSS 5.1 • EPSS 0.00365 • Exploits 0 • References 1

Positive Technologies • added 2026/05/20 12:0 a.m. • 11 views

PT-2026-42248

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: The CSP report endpoint incorrectly allowed reports up to 1 MB before truncation, despite being intended to limit logged CSP reports to 1 KB. When this endpoint ...

CVSS 5.1 • AI score 5.7 • EPSS 0.00365 • Exploits 0 • References 5

OSV • added 2026/03/27 11:39 a.m. • 1 views

BIT-ETCD-2026-33413 etcd: Authorization bypasses in multiple APIs

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted...

CVSS 8.8 • AI score 5.9 • EPSS 0.00249 • Exploits 0 • References 2

OSV • added 2026/03/26 2:16 p.m. • 2 views

UBUNTU-CVE-2026-33413

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted...

CVSS 8.8 • AI score 5.8 • EPSS 0.00249 • Exploits 0 • References 3

RedhatCVE • added 2026/01/09 10:55 a.m. • 8 views

CVE-2022-23455

Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...

CVSS 7.8 • AI score 7.4 • EPSS 0.00186 • Exploits 0 • References 1

Positive Technologies • added 2026/01/01 12:0 a.m. • 8 views

PT-2026-20305

Name of the Vulnerable Software and Affected Versions: Rack versions prior to 2.2.22; Rack versions prior to 3.1.20; Rack versions prior to 3.2.5. Description: The Rack::Directory component had a path check that used a string prefix match on the expanded path. A crafted request, such as /../root...

CVSS 10 • AI score 5.5 • EPSS 0.35376 • Exploits 6 • References 55

Tenable Nessus • added 2025/11/12 12:0 a.m. • 5 views

EulerOS 2.0 SP10 : mod_http2 (EulerOS-SA-2025-2423)

According to the versions of the mod_http2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

CVSS 7.5 • AI score 7.2 • EPSS 0.01149 • Exploits 0 • References 2

AstraLinux • added 2025/11/01 10:54 a.m. • 4 views

Astra Linux – Vulnerability in Apache2

In certain proxy configurations, a denial-of-service attack against Apache HTTP Server versions 2.4.26 through 2.4.63 can occur when untrusted clients trigger an assertion in mod_proxy_http2. The configurations affected include reverse proxies configured for HTTP/2 backends, where ProxyPreserveHost...

CVSS 7.5 • AI score 7.1 • EPSS 0.01149 • Exploits 0 • References 3

EUVD • added 2025/10/07 12:30 a.m. • 11 views

EUVD-2020-28061

Malware in sbrugna...

CVSS 7.8 • AI score 7.5 • EPSS 0.00851 • Exploits 0 • References 3

EUVD • added 2025/10/07 12:30 a.m. • 4 views

EUVD-2021-0119

Malware in sbrugna...

CVSS 7.5 • AI score 7.4 • EPSS 0.01833 • Exploits 0 • References 9

EUVD • added 2025/10/07 12:30 a.m. • 6 views

EUVD-2019-8507

Malware in sbrugna...

CVSS 9.8 • AI score 7.4 • EPSS 0.02457 • Exploits 1 • References 9

EUVD • added 2025/10/07 12:30 a.m. • 3 views

EUVD-2020-28060

Malware in sbrugna...

CVSS 7.8 • AI score 7.5 • EPSS 0.00851 • Exploits 0 • References 3

EUVD • added 2025/10/07 12:30 a.m. • 4 views

EUVD-2020-28062

Malware in sbrugna...

CVSS 5.5 • AI score 5.5 • EPSS 0.00843 • Exploits 0 • References 3

EUVD • added 2025/10/07 12:30 a.m. • 6 views

EUVD-2020-28059

Malware in sbrugna...

CVSS 7.8 • AI score 7.5 • EPSS 0.00851 • Exploits 0 • References 3

EUVD • added 2025/10/07 12:30 a.m. • 4 views

EUVD-2020-28064

Malware in sbrugna...

CVSS 7.8 • AI score 7.5 • EPSS 0.00851 • Exploits 0 • References 3

EUVD • added 2025/10/03 8:7 p.m. • 6 views

EUVD-2025-21017

Malicious code in bioql PyPI...

CVSS 7.5 • AI score 6.3 • EPSS 0.01149 • Exploits 0 • References 1