Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

RedhatCVE
RedhatCVEadded 2026/05/06 9:27 p.m.3 views

CVE-2026-43204

A flaw was found in the Linux kernel's ASoC Qualcomm qcom q6asm component. This vulnerability occurs when the system continues to process Digital Signal Processor DSP responses for data streams that have already been closed. An attacker could potentially exploit this by sending specific DSP...

5.5CVSS5.8AI score0.00014EPSS
Exploits0References4
NVD
NVDadded 2026/05/06 12:16 p.m.2 views

CVE-2026-43204

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6asm: drop DSP responses for closed data streams 'Commit a354f030dbce "ASoC: qcom: q6asm: handle the responses after closing"' attempted to ignore DSP responses arriving after a stream had been closed. However, those...

5.5CVSS0.00014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/05/06 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-43204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: qcom: q6asm: drop DSP responses for closed data streams 'Commit a354f030dbce ASoC: qcom: q6asm: handle the responses after closing' attempted to ignore DS...

5.5CVSS5.8AI score0.00014EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/02/13 7:18 p.m.3 views

CVE-2026-21438

webtransport-go is an implementation of the WebTransport protocol. Prior to 0.10.0, an attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their...

5.3CVSS5.6AI score0.0002EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/12 6:25 p.m.3 views

CVE-2026-21438

webtransport-go is an implementation of the WebTransport protocol. Prior to 0.10.0, an attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their...

5.3CVSS5.6AI score0.0002EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/02/12 6:25 p.m.20 views

CVE-2026-21438 webtransport-go affected by a Memory Exhaustion Attack due to Missing Cleanup of Streams Map

webtransport-go is an implementation of the WebTransport protocol. Prior to 0.10.0, an attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their...

5.3CVSS0.0002EPSS
Exploits0References2
OSV
OSVadded 2026/02/12 3:29 p.m.2 views

GHSA-2F2X-8MWP-P2GC webtransport-go: Memory Exhaustion Attack due to Missing Cleanup of Streams Map

Summary An attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their resources. Details webtransport-go maintains an internal map tracking...

5.3CVSS5.5AI score0.0002EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2026/02/12 3:29 p.m.3 views

webtransport-go: Memory Exhaustion Attack due to Missing Cleanup of Streams Map

Summary An attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their resources. Details webtransport-go maintains an internal map tracking...

5.3CVSS5.5AI score0.0002EPSS
Exploits0References4Affected Software1
CNNVD
CNNVDadded 2026/02/12 12:0 a.m.2 views

webtransport-go 安全漏洞

webtransport-go is an open-source Go language library developed by quic-go. Versions of webtransport-go prior to 0.10.0 contained security vulnerabilities. These vulnerabilities stemmed from the failure to remove closed streams from the internal session mapping, which could lead to unlimited memo...

5.3CVSS5.8AI score0.0002EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/08/20 12:0 a.m.5 views

PT-2025-34149

Name of the Vulnerable Software and Affected Versions: Eclipse Jetty versions =9.4.57 Eclipse Jetty versions =10.0.25 Eclipse Jetty versions =11.0.25 Eclipse Jetty versions =12.0.21 Eclipse Jetty version 12.1.0.alpha2 Description: An HTTP/2 client can trigger the server to send RST STREAM frames ...

7.7CVSS7.6AI score0.944EPSS
Exploits19References30
Github Security Blog
Github Security Blogadded 2025/08/13 7:6 p.m.12 views

Netty affected by MadeYouReset HTTP/2 DDoS vulnerability

Below is a technical explanation of a newly discovered vulnerability in HTTP/2, which we refer to as “MadeYouReset.” MadeYouReset Vulnerability Summary The MadeYouReset DDoS vulnerability is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to brea...

8.2CVSS7.2AI score0.00053EPSS
Exploits1References7Affected Software2
OSV
OSVadded 2025/08/13 7:6 p.m.4 views

GHSA-PRJ3-CCX8-P6X4 Netty affected by MadeYouReset HTTP/2 DDoS vulnerability

Below is a technical explanation of a newly discovered vulnerability in HTTP/2, which we refer to as “MadeYouReset.” MadeYouReset Vulnerability Summary The MadeYouReset DDoS vulnerability is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to brea...

8.2CVSS9.5AI score0.00053EPSS
Exploits1References7
Rows per page
Query Builder