Lucene search
K

38671 matches found

ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-45822

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-40267

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References3
CVE
CVE
added 4 days ago4 views

CVE-2026-52193

The CVE-2026-52193 entry affects UTT nv518G/nv518GV3 with version 3.2.7-210919-161313. A Buffer Overflow in the gohead/sub_447CAC component allows a remote attacker to cause a denial of service. Public details across sources confirm the vulnerable component and impact; no mitigation or patch deta...

7.5CVSS5.8AI score0.00423EPSS
Exploits0References2
CVE
CVE
added 4 days ago4 views

CVE-2026-52198

CVE-2026-52198 describes a Buffer Overflow in the UTT nv518G nv518GV3v3.2.7-210919-161313, in the gohead/sub_425994 component. The vulnerability allows a remote attacker to cause a denial of service. Connected documents consistently reference the same affected software and component; no explicit ...

7.5CVSS5.8AI score0.00423EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago21 views

CVE-2026-52195

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub472f08 component...

0.00452EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago22 views

CVE-2026-52196

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub416f28 component...

0.00452EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-53947

Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.10.0 Description Improper validation of flow nodes that have missing or empty component type fields can lead to arbitrary code execution. Arbitrary code execution occurs when an attacker can run...

9.8CVSS6.6AI score0.00357EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-54379

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in WebAppInstalls allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Recommendations Update Google...

9.8CVSS6.3AI score0.00383EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 4 days ago4 views

PT-2026-54150

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An out of bounds read occurs in the Layout component, which allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. An out...

6.5CVSS6AI score0.00294EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-54336

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in Dawn allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update...

6.5CVSS6AI score0.0022EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 4 days ago4 views

PT-2026-54154

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in ANGLE allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory via...

5.3CVSS6AI score0.00265EPSS
Exploits0References4
OSV
OSV
added 5 days ago4 views

DEBIAN-CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.7AI score0.00261EPSS
Exploits0References1
NVD
NVD
added 5 days ago8 views

CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS0.00261EPSS
Exploits0References2
OSV
OSV
added 5 days ago2 views

UBUNTU-CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.7AI score0.00261EPSS
Exploits0References7
Debian CVE
Debian CVE
added 5 days ago3 views

CVE-2026-55955

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

6.5CVSS5.7AI score0.00261EPSS
Exploits0
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-55955 Apache Tomcat: EncryptInterceptor not protected against replay attacks

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

0.00261EPSS
Exploits0References1
CVE
CVE
added 5 days ago34 views

CVE-2026-55955

CVE-2026-55955 describes an improper authentication flaw in Apache Tomcat’s EncryptionInterceptor for Tribes clustering, allowing a replay attack. Affected versions include Tomcat 11.0.0-M1–11.0.22, 10.1.0-M1–10.1.55, 9.0.13–9.0.18, 8.5.38–8.5.100, and 7.0.100–7.0.109. Remediation is to upgrade t...

6.5CVSS5.7AI score0.00261EPSS
Exploits0References2Affected Software1
NVD
NVD
added 5 days ago5 views

CVE-2026-37637

An issue in Alexantr filemanager v.1.0 allows a remote attacker to execute arbitrary code via the filemanager.php component...

9.1CVSS0.00471EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 5 days ago6 views

Security Bulletin: Flow Validation Bypass via Empty Component Type Field

Summary A vulnerability in flow validation logic allowed attackers to bypass custom component restrictions by submitting flow nodes with empty or missing type fields. When custom components were disabled, the validator silently skipped nodes lacking a type value instead of blocking them, enabling...

9.8CVSS6.4AI score0.00357EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 5 days ago6 views

firefox: thunderbird: Incorrect boundary conditions in the Internationalization component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Internationalization component...

5.4CVSS5.7AI score0.00164EPSS
Exploits0References6
Rows per page
Query Builder