Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/05/13 2:58 p.m.7 views

CVE-2026-44456 Hono: bodyLimit() can be bypassed for chunked / unknown-length requests

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.16, bodyLimit does not reliably enforce maxSize for requests without a usable Content-Length e.g. Transfer-Encoding: chunked. Oversized requests can reach handlers and return 200 instead of 413. Th...

6.5CVSS5.8AI score0.00219EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002768)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002768 advisory. The tcpdisconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service tcpselectwindow divide-by-zero error and...

5.5CVSS6.6AI score0.00445EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/29 4:50 p.m.4 views

EUVD-2025-36674

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.12.0, a buffer over-read occurs in wexpressionmatch when strlen is called on strtest, because the corresponding buffer is not being properly NULL terminated during its allocation in OSCleanMSG...

6.9CVSS6.4AI score0.0035EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.6 views

PT-2025-44326

Name of the Vulnerable Software and Affected Versions Wazuh versions prior to 4.12.0 Description Wazuh, a free and open source platform for threat prevention, detection, and response, contains a flaw where a buffer over-read can occur in the w expression match function. This happens when strlen i...

7.5CVSS6.7AI score0.0035EPSS
Exploits1References6
Patchstack
Patchstack
added 2024/08/06 6:38 a.m.5 views

WordPress Ajax Search Lite plugin < 4.12.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Ajax Search Lite versions 4.12.1...

4.8CVSS6.1AI score0.00367EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2020/09/21 1:15 a.m.6 views

CVE-2020-14180

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. The affected versions...

4.3CVSS5.8AI score0.00848EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/01/10 12:0 a.m.5 views

PT-2017-9029 · Chicken +1 · Chicken Scheme +1

Name of the Vulnerable Software and Affected Versions: CHICKEN Scheme versions prior to 4.12 Description: The issue arises from the "process-execute" and "process-spawn" procedures in CHICKEN Scheme, which utilize fixed-size buffers to hold arguments and environment variables for the execve call...

9.8CVSS7.8AI score0.04523EPSS
Exploits0References26
Rows per page
Query Builder