Lucene search
+L

58 matches found

cve
cve
added 2026/06/30 7:55 p.m.22 views

CVE-2026-10140

CVE-2026-10140 affects Langflow OSS voice mode (versions 1.0.0–1.10.0). The issue is improper shared-state handling that enables reuse of API clients across tenant boundaries, allowing an authenticated attacker to manipulate cache state and cause requests from other users to be processed with inc...

9.6CVSS5.8AI score0.00201EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2026/04/21 1:22 a.m.5 views

CVE-2026-29649

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

9.8CVSS5.7AI score0.00448EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/04/20 12:0 a.m.10 views

NEMU 安全漏洞

NEMU is an open-source teaching system simulator developed by XiangShan. NEMU has a security vulnerability, which stems from implementation defects in the RISC-V Hypervisor CSR. This defect may lead to incorrect virtualization configuration execution, causing unexpected traps or denial-of-service...

9.8CVSS5.8AI score0.00448EPSS
Exploits0References2
nessus
nessus
added 2026/02/18 12:0 a.m.6 views

FreeBSD : powerdns-recursor -- Denial of Service (67793feb-0b5b-11f1-a1c0-0050569f0b83)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 67793feb-0b5b-11f1-a1c0-0050569f0b83 advisory. PowerDNS Team reports: 2025-07: Internal logic flaw in cache management can lead to a denial o...

7.5CVSS5.7AI score0.00504EPSS
Exploits0References8
cvelist
cvelist
added 2025/12/09 9:16 a.m.28 views

CVE-2025-59029 Internal logic flaw in cache management can lead to a denial of service in PowerDNS Recursor

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS0.00336EPSS
Exploits0References1
debiancve
debiancve
added 2025/12/09 9:16 a.m.7 views

CVE-2025-59029

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS5.3AI score0.00336EPSS
Exploits0
vulnrichment
vulnrichment
added 2025/12/09 9:16 a.m.7 views

CVE-2025-59029 Internal logic flaw in cache management can lead to a denial of service in PowerDNS Recursor

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS6.4AI score0.00336EPSS
Exploits0References1
alpinelinux
alpinelinux
added 2025/12/09 9:16 a.m.5 views

CVE-2025-59029

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS6.6AI score0.00336EPSS
Exploits0
openvas
openvas
added 2025/12/09 12:0 a.m.4 views

PowerDNS Recursor DoS Vulnerability (2025-07)

PowerDNS Recursor is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS6.8AI score0.00336EPSS
Exploits0References1
nessus
nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989506)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989506 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cacheshow The function cshow was called with protecti...

7.8CVSS6.1AI score0.00244EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-19028

Malware in sbrugna...

7.5CVSS7.6AI score0.01678EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.9 views

EUVD-2011-1329

Malware in sbrugna...

6.5CVSS6.2AI score0.00967EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/10/05 12:0 a.m.5 views

PT-2025-40955

Name of the Vulnerable Software and Affected Versions Dovecot IMAP Server versions 2.4.0 through 2.4.1 Description When cache is enabled, some passdb/userdb drivers incorrectly cache all users with the same cache key, leading to incorrect cached information being used. After a successful cached...

7.4CVSS6.3AI score0.00548EPSS
Exploits0References26
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-30280

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00476EPSS
Exploits0References2
ibm
ibm
added 2025/06/17 7:55 p.m.7 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable to Improper Cache Management. (CVE-2025-1348)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed an Improper Cache Management vulnerability. Vulnerability Details CVEID:CVE-2025-1348 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow a local user to obtain sensitive information from a user’s w...

4CVSS6.2AI score0.00128EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2025/05/23 4:39 a.m.10 views

CVE-2023-26460

Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity...

5.3CVSS7.2AI score0.00476EPSS
Exploits0References1
suse
suse
added 2025/05/21 9:58 a.m.2 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48933: netfilter: nftables: fix memory leak during stateful obj update bsc1229621. CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981...

8.5CVSS8.2AI score0.00266EPSS
Exploits0References174
nessus
nessus
added 2025/05/17 12:0 a.m.6 views

EulerOS Virtualization 2.12.1 : curl (EulerOS-SA-2025-1552)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server...

6.5CVSS6.5AI score0.0197EPSS
Exploits2References3
nessus
nessus
added 2025/05/14 12:0 a.m.16 views

Alibaba Cloud Linux 3 : 0083: bind (ALINUX3-SA-2023:0083)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0083 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-2795: By flooding the target...

7.5CVSS7.3AI score0.03776EPSS
Exploits0References5
nvd
nvd
added 2025/05/01 3:16 p.m.10 views

CVE-2022-49882

In the Linux kernel, the following vulnerability has been resolved: KVM: Reject attempts to consume or refresh inactive gfntopfncache Reject kvmgpccheck and kvmgpcrefresh if the cache is inactive. Not checking the active flag during refresh is particularly egregious, as KVM can end up with a vali...

7.8CVSS0.00157EPSS
Exploits0References2
Rows per page
Query Builder