Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.10 views

CVE-2026-49841

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, the modverto HTTP request handler allocates a fixed 2 MiB buffer for a POST...

9.8CVSS5.6AI score0.00394EPSS
Exploits0References1
NVD
NVD
added 2026/05/08 3:16 p.m.10 views

CVE-2026-41585

ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to before 4.3.1 and from zebra-rpc versions 1.0.0-beta.45 to before 6.0.2, a vulnerability in Zebra's JSON-RPC HTTP middleware allows an authenticated RPC client to cause a Zebra node to crash by disconnecting before the...

6.9CVSS0.00257EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 3:6 p.m.28 views

CVE-2026-41585 ZEBRA: Denial of Service via Interrupted JSON-RPC Requests from Authenticated Clients

ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to before 4.3.1 and from zebra-rpc versions 1.0.0-beta.45 to before 6.0.2, a vulnerability in Zebra's JSON-RPC HTTP middleware allows an authenticated RPC client to cause a Zebra node to crash by disconnecting before the...

6.9CVSS0.00257EPSS
Exploits0References1
CVE
CVE
added 2026/05/08 3:6 p.m.9 views

CVE-2026-41585

ZEBRA’s JSON-RPC HTTP middleware is vulnerable to Denial of Service via interrupted requests. Affected: zebrad 2.2.0–<4.3.1 and zebra-rpc 1.0.0-beta.45–

6.9CVSS5.8AI score0.00257EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/05/08 3:6 p.m.7 views

CVE-2026-41585

ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to before 4.3.1 and from zebra-rpc versions 1.0.0-beta.45 to before 6.0.2, a vulnerability in Zebra's JSON-RPC HTTP middleware allows an authenticated RPC client to cause a Zebra node to crash by disconnecting before the...

6.9CVSS5.8AI score0.00257EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/21 7:5 p.m.6 views

GHSA-JWCH-W7WH-GQJM free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation

Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended creation of Policy Data notification subscriptions wit...

6.9CVSS6AI score0.09955EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/09 10:9 a.m.22 views

CVE-2026-21388 Unbounded Request Body Read in MS Teams Plugin {{/lifecycle}} Webhook Endpoint

Mattermost Plugins versions =2.3.1 fail to limit the request body size on the /lifecycle webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service via sending an oversized JSON payload. Mattermost Advisory ID: MMSA-2026-00610...

3.7CVSS0.00311EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/27 6:17 p.m.5 views

EUVD-2026-16744

Fleet's unbounded request body read allows remote Denial of Service...

8.7CVSS5.9AI score0.00434EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-20452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The readMSATbody function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service application crash or possibly have...

8.8CVSS7.3AI score0.01505EPSS
Exploits1References2
OSV
OSV
added 2024/08/16 11:8 a.m.5 views

OESA-2024-1976 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were...

9.8CVSS8.7AI score0.00857EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2024/04/30 9:51 a.m.2 views

golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...

5.3CVSS7.3AI score0.01208EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.3 views

SUSE CVE-2020-15586

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...

7.5CVSS7.3AI score0.02893EPSS
Exploits0References8
OSV
OSV
added 2015/06/07 12:0 a.m.3 views

UBUNTU-CVE-2014-0230

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service thread consumption via a series of aborted uploa...

7.8CVSS6.7AI score0.20318EPSS
Exploits0References4
OSV
OSV
added 2005/05/05 4:0 a.m.1 views

DEBIAN-CVE-2005-1453

fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service crash by closing the connection while fetchnews is reading 1 an article header or 2 an article body, which also prevents fetchnews from querying other servers...

5CVSS6.9AI score0.0143EPSS
Exploits0References1
Rows per page
Query Builder