Lucene search
K

3752 matches found

Nuclei
Nuclei
added yesterday15 views

Multiple Thrive Themes < 2.0.0 - Arbitrary File Upload

Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared by...

9.1CVSS7.1AI score0.03946EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added yesterday6 views

CVE-2026-58250

A flaw was found in NATS Server, a high-performance messaging system. An unauthenticated attacker with network access to a leafnode listener, where compression is enabled, could exploit this vulnerability. By sending repeated leafnode INFO protocol messages during the pre-authentication handshake...

7.5CVSS6AI score0.00732EPSS
Exploits0References8
CVE
CVE
added 4 days ago8 views

CVE-2026-14461

The CVE-2026-14461 entry affects mtr up to version 0.96, where ipinfo_lookup() performs DNS AS lookups and can be triggered by a TXT response larger than 512 bytes with a crafted compression pointer, causing an out-of-bounds read. The function uses the response length as the end-of-message bounda...

5.1CVSS6.1AI score0.00303EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-14461 Out-of-bound read in mtr

mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...

5.1CVSS0.00303EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago17 views

EUVD-2026-34015

Tesla has decompression bomb on response body...

8.2CVSS5.9AI score0.00329EPSS
Exploits0References5
NVD
NVD
added 6 days ago6 views

CVE-2026-58250

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.12.8 and 2.11.17, an unauthenticated peer with network access to a leafnode listener with compression enabled could crash the server during the pre-authentication leafnode handshake by...

7.5CVSS0.00732EPSS
Exploits0References5
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-58250 NATS Server: Pre-auth server crash via double INFO in leafnode handshake

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.12.8 and 2.11.17, an unauthenticated peer with network access to a leafnode listener with compression enabled could crash the server during the pre-authentication leafnode handshake by...

7.5CVSS0.00732EPSS
Exploits0References5
CVE
CVE
added 6 days ago6 views

CVE-2026-59803

The CVE-2026-59803 entry concerns rpcx (up to version 1.9.3) with a denial-of-service flaw in protocol.Message.Decode. When a message carries the compression flag, payloads are gzip-decompressed via util.Unzip without a decompressed-size limit; MaxMessageLength is checked only against the compres...

8.7CVSS6AI score0.00408EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 6 days ago4 views

httpd: httpd: HTTP/2 Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

7.5CVSS7.1AI score0.11471EPSS
Exploits8References6
RedHat Linux
RedHat Linux
added 6 days ago3 views

httpd: httpd: HTTP/2 Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

7.5CVSS7.1AI score0.11471EPSS
Exploits8References6
Fedora
Fedora
added 6 days ago15 views

[SECURITY] Fedora 43 Update: python-cramjam-2.11.0-12.fc43

Thin Python bindings to de/compression algorithms in Rust...

5.9AI score
Exploits0
Fedora
Fedora
added 6 days ago11 views

[SECURITY] Fedora 44 Update: python-cramjam-2.11.0-12.fc44

Thin Python bindings to de/compression algorithms in Rust...

5.9AI score
Exploits0
Fedora
Fedora
added 6 days ago11 views

[SECURITY] Fedora 44 Update: python-fastar-0.11.0-7.fc44

The fastar library wraps the Rust tar, flate2, and zstd crates, providing a high-performance way to work with compressed and uncompressed tar archives in Python...

6AI score
Exploits0
RedHat Linux
RedHat Linux
added last week7 views

httpd: httpd: HTTP/2 Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

7.5CVSS7.1AI score0.11471EPSS
Exploits8References6
CVE
CVE
added 2026/07/06 9:3 a.m.9 views

CVE-2026-58226

CVE-2026-58226 affects the hpax component of elixir-mint. The vulnerability is in Elixir.HPAX.Types:decode_remaining_integer/3 , which decodes HPACK integers without an upper bound, allowing an unauthenticated attacker to trigger excessive CPU and transient memory via a small HTTP/2 header block....

8.7CVSS6.1AI score0.00438EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 9:3 a.m.4 views

EEF-CVE-2026-58226 Unauthenticated denial-of-service via unbounded HPACK integer decoding in hpax

Summary Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS6.1AI score0.00438EPSS
Exploits0References4
Fedora
Fedora
added 2026/07/04 1:7 a.m.12 views

[SECURITY] Fedora 43 Update: 7zip-26.02-1.fc43

7-Zip is a file archiver with a high compression ratio. The main features of 7-Zip are: High compression ratio in 7z format with LZMA and LZMA2 compression Supported formats: Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM Unpacking only: AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT,...

6AI score
Exploits0
Fedora
Fedora
added 2026/07/04 1:7 a.m.56 views

[SECURITY] Fedora 43 Update: openvpn-2.6.21-1.fc43

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

6AI score
Exploits0
Fedora
Fedora
added 2026/07/04 12:51 a.m.9 views

[SECURITY] Fedora 44 Update: openvpn-2.7.5-1.fc44

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

6AI score
Exploits0
Fedora
Fedora
added 2026/07/03 12:56 a.m.12 views

[SECURITY] Fedora 44 Update: 7zip-26.02-1.fc44

7-Zip is a file archiver with a high compression ratio. The main features of 7-Zip are: High compression ratio in 7z format with LZMA and LZMA2 compression Supported formats: Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM Unpacking only: AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT,...

5.8AI score
Exploits0
Rows per page
Query Builder