Lucene search
+L

3601 matches found

NVD
NVD
added 6 hours ago6 views

CVE-2024-58365

SurrealDB versions before 1.2.0 contain an uncaught exception vulnerability in the query executor when processing calls to nonexistent built-in functions. Authorized clients can craft pre-parsed queries invoking nonexistent functions to trigger a panic that crashes the server...

7.1CVSS
Exploits0References2
NVD
NVD
added 6 hours ago7 views

CVE-2024-58361

SurrealDB versions before 2.0.4 contain an uncaught exception handling vulnerability in the parser error rendering code when processing empty strings. Authorized clients can execute malformed queries with empty string conversions to record, duration, or datetime types that cause a panic in error...

7.1CVSS
Exploits0References2
CVE
CVE
added 7 hours ago6 views

CVE-2024-58369

SurrealDB is affected by CVE-2024-58369 in versions before 1.1.1. The issue stems from improper validation of invocation of custom parameters and functions at root or namespace levels, allowing authorized clients to trigger invocations at unsupported levels and crash the server, resulting in a de...

7.1CVSS5.3AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 7 hours ago3 views

CVE-2024-58365

SurrealDB versions before 1.2.0 contain an uncaught exception vulnerability in the query executor when processing calls to nonexistent built-in functions. Authorized clients can craft pre-parsed queries invoking nonexistent functions to trigger a panic that crashes the server...

7.1CVSS5.3AI score
Exploits0References3
EUVD
EUVD
added 7 hours ago5 views

EUVD-2024-55677

SurrealDB versions before 2.0.4 contain an uncaught exception handling vulnerability in the parser error rendering code when processing empty strings. Authorized clients can execute malformed queries with empty string conversions to record, duration, or datetime types that cause a panic in error...

7.1CVSS5.5AI score
Exploits0References2
NVD
NVD
added yesterday8 views

CVE-2026-59252

Improper Validation of Specified Quantity in Input in ZenHive mpp allows an unauthenticated remote client to drain the fee-payer wallet, resulting in denial of service for legitimate clients. When the mpp Elixir library is configured as fee payer feepayer: true, the MPP.Methods.Tempo payment meth...

8.2CVSS
Exploits0References4
EUVD
EUVD
added yesterday6 views

EUVD-2026-45160

Improper Validation of Specified Quantity in Input in ZenHive mpp allows an unauthenticated remote client to drain the fee-payer wallet, resulting in denial of service for legitimate clients. When the mpp Elixir library is configured as fee payer feepayer: true, the MPP.Methods.Tempo payment meth...

8.2CVSS5.8AI score
Exploits0References4
Circl
Circl
added 2 days ago6 views

CVE-2026-29114

creationtimestamp| type| source ---|---|--- 2026-07-16 19:00:12+00:00| seen| Telegram/vFDO5SwsZ7hIMyqUKVS5e9UBDOzM5D4lILt5pmQlyCTvgM 2026-07-16 19:00:12+00:00| seen| Telegram/vkQwkXUL30u3pRsZtV-s7rMERa3mU1vbncFib7BaHrS3aA 2026-07-17 00:00:27+00:00| seen|...

2.3CVSS4.8AI score0.0019EPSS
Exploits1
Cvelist
Cvelist
added 2 days ago38 views

CVE-2026-59860 Kiota: XML Doc-Comment Newline Breakout Code Injection

Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.3, Kiota is affected by a code-generation injection vulnerability in the C XML documentation-comment sink the description, externalDocs label, and externalDocs link fields emitted as /// … comments. When text from an OpenAPI...

8.7CVSS0.01016EPSS
Exploits0References4
CVE
CVE
added 2 days ago11 views

CVE-2026-59860

Kiota is an OpenAPI-based HTTP client code generator. Prior to 1.32.3, it is affected by a code-generation injection in the C# XML documentation-comment sink when OpenAPI descriptions are written into single-line /// comments without stripping newline/Unicode terminators, allowing injection into ...

8.7CVSS6.1AI score0.01016EPSS
Exploits0References4
Fedora
Fedora
added 2 days ago10 views

[SECURITY] Fedora 43 Update: xrdp-0.10.6.1-1.fc43

xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client...

6.1AI score
Exploits0
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-44803

CVE-2026-55398 is a memory management vulnerability in Secure Access clients and servers prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against the server...

6.9CVSS6.1AI score0.00209EPSS
Exploits0References1
CVE
CVE
added 3 days ago10 views

CVE-2026-55398

CVE-2026-55398 is a memory management vulnerability in Secure Access clients and servers prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a non-persistent DoS on the server. CVSS v4 base score 6.9 (Medium) with network attack, low complexit...

6.9CVSS6.1AI score0.00209EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-55398 Memory management vulnerability in Secure Access clients

CVE-2026-55398 is a memory management vulnerability in Secure Access clients and servers prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against the server...

6.9CVSS0.00209EPSS
Exploits0References1
CVE
CVE
added 3 days ago7 views

CVE-2026-40958

CVE-2026-40958 involves an input validation error in Secure Access clients prior to 14.55. The root cause is improper input validation in the tunnel protocol handling, allowing attackers with intimate knowledge and total control of the tunnel protocol to trigger a non-persistent DoS against the c...

3.7CVSS6.1AI score0.00223EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-40954 Integer underflow in Secure Access clients prior to 14.55

CVE-2026-40954 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...

2.1CVSS0.00201EPSS
Exploits0References1
CVE
CVE
added 3 days ago8 views

CVE-2026-40954

The CVE-2026-40954 entry describes an integer underflow in the traffic parsing function of Secure Access clients prior to 14.55. The vulnerability can be exploited by attackers with intimate knowledge of and total control over the tunnel protocol to cause a non-persistent DoS against their client...

3.7CVSS6.1AI score0.00201EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-44784

CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...

6.7CVSS6.1AI score0.00073EPSS
Exploits0References1
CVE
CVE
added 3 days ago12 views

CVE-2026-40953

CVE-2026-40953: heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Local access with administrator permissions can cause a denial of service on the client. Affected software is Secure Access clients (versions before 14.55); root cause is a heap overflow in ...

6.7CVSS6.1AI score0.00073EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-40953

CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...

6.7CVSS6.1AI score0.00073EPSS
Exploits0References2
Rows per page
Query Builder