Lucene search
+L

541 matches found

NVD
NVD
added 2026/07/07 10:16 p.m.9 views

CVE-2026-54602

FastGPT is a knowledge-based AI application platform. Prior to 4.15.0, GET /api/core/ai/record/getRecord authenticates the caller but loads LLM request and response traces only by requestId without team scoping, allowing any authenticated user to read another team's prompts, retrieved RAG chunks,...

7.1CVSS0.00227EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/07/06 9:17 a.m.5 views

CVE-2026-56810 mint buffers an entire chunked response chunk in memory in Mint.HTTP1.decode_body/5

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS6AI score0.00344EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 8:3 a.m.3 views

PYSEC-2026-888 Uncontrolled Resource Consumption in asyncua and opcua

All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...

7.5CVSS7.1AI score0.01063EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.9 views

SUSE SLED15 / SLES15 Security Update : python-tornado (SUSE-SU-2026:2726-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2726-1 advisory. This update for python-tornado fixes the following issues - CVE-2026-49853: authorization header forwarded...

7.7CVSS6.2AI score0.00691EPSS
Exploits0References10
OSV
OSV
added 2026/07/02 2:13 p.m.3 views

PYSEC-2026-708 Improper Input Validation in OpenCV

OpenCV 3.0.0 allows remote attackers to cause a denial of service segfault via vectors involving corrupt chunks. This issue was fixed in OpenCV version 3.3.1 corresponding to OpenCV 3.3.1.11...

5.5CVSS6AI score0.01031EPSS
Exploits1References7
OSV
OSV
added 2026/07/02 1:54 p.m.4 views

SUSE-SU-2026:2726-1 Security update for python-tornado

This update for python-tornado fixes the following issues - CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. - CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. - CVE-2026-49855: AsyncHTTPClient accumulates...

7.7CVSS5.9AI score0.00691EPSS
Exploits0References7
OSV
OSV
added 2026/07/02 1:52 p.m.5 views

SUSE-SU-2026:2725-1 Security update for python-tornado6

This update for python-tornado6 fixes the following issues - CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. - CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. - CVE-2026-49855: AsyncHTTPClient accumulates...

7.7CVSS5.9AI score0.00691EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/02 10:54 a.m.8 views

CVE-2026-11946

An unauthenticated remote attacker can exhaust server memory via the GetEndpoints Discovery Service in open62541. The endpointUrl field of GetEndpointsRequest is not validated for length. An attacker can declare an arbitrarily large string up to 4.09 GB via the UInt32 length field delivered acros...

7.5CVSS5.8AI score0.00386EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/02 7:12 a.m.9 views

CVE-2026-33592

An unauthenticated remote attacker can exhaust server memory via the FindServers Discovery Service in open62541. The serverUris field of FindServersRequest is not validated for length or array size. An attacker can declare an arbitrarily large string up to 3.9 GB delivered across intermediate...

7.5CVSS5.8AI score0.00388EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46601

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size. CVE-2026-46601 Note that Nessus relies on the presence...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 9:55 a.m.3 views

SUSE-SU-2026:22445-1 Security update for python-tornado6

This update for python-tornado6 fixes the following issues - CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. - CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. - CVE-2026-49855: AsyncHTTPClient accumulates...

7.7CVSS5.9AI score0.00691EPSS
Exploits0References7
OSV
OSV
added 2026/06/26 9:22 a.m.3 views

SUSE-SU-2026:22430-1 Security update for python-tornado6

This update for python-tornado6 fixes the following issues - CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. - CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. - CVE-2026-49855: AsyncHTTPClient accumulates...

7.7CVSS5.9AI score0.00691EPSS
Exploits0References7
OSV
OSV
added 2026/06/26 8:9 a.m.3 views

SUSE-SU-2026:22286-1 Security update for python-tornado6

This update for python-tornado6 fixes the following issues - CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. - CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. - CVE-2026-49855: AsyncHTTPClient accumulates...

7.7CVSS5.8AI score0.00691EPSS
Exploits0References7
OSV
OSV
added 2026/06/26 8:9 a.m.2 views

SUSE-SU-2026:22373-1 Security update for python-tornado6

This update for python-tornado6 fixes the following issues - CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. - CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. - CVE-2026-49855: AsyncHTTPClient accumulates...

7.7CVSS5.8AI score0.00691EPSS
Exploits0References7
OSV
OSV
added 2026/06/26 8:0 a.m.3 views

OPENSUSE-SU-2026:21067-1 Security update for python-tornado6

This update for python-tornado6 fixes the following issues - CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. - CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. - CVE-2026-49855: AsyncHTTPClient accumulates...

7.7CVSS5.8AI score0.00691EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/26 2:13 a.m.5 views

SUSE CVE-2026-53004

In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...

7.8CVSS6AI score0.00129EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.9 views

CVE-2026-53004

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. An unprivileged local user could exploit an out-of-bounds write vulnerability in the sctpgetsockoptpeerauthchunks function. This occurs due to an incorrect size check, allowing the kernel to write pas...

7.8CVSS6AI score0.00129EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-53004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the pee...

7.8CVSS6.2AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.8 views

EUVD-2026-38872

In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...

6AI score0.00129EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.8 views

CVE-2026-53004

In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...

7.8CVSS0.00129EPSS
Exploits0References8
Rows per page
Query Builder