Lucene search
K

447 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 11:30 a.m.6 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References8
NVD
NVD
added 2026/06/30 1:19 p.m.9 views

CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS0.00215EPSS
Exploits0References3
NVD
NVD
added 2026/06/28 7:16 p.m.14 views

CVE-2026-49048

The Joomla extension JoomCCK exposes a front-end controller task, that builds two SQL statements by directly concatenating a user-supplied request parameter into the query string without escaping or parameterisation...

9.8CVSS0.00505EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/28 6:37 p.m.42 views

CVE-2026-49048 Joomla Extension - joomcoder.com - Unauthenticated SQL Injection in JoomCCK extension for Joomla < 6.4.1

The Joomla extension JoomCCK exposes a front-end controller task, that builds two SQL statements by directly concatenating a user-supplied request parameter into the query string without escaping or parameterisation...

8.7CVSS0.00505EPSS
Exploits1References1
Nuclei
Nuclei
added 2026/06/28 3:8 p.m.234 views

SAP Memory Pipes (MPI) Desynchronization

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation attacks. An unauthenticated attacker can prepend a victim's request with arbitrary data. This...

10CVSS7.7AI score0.97945EPSS
Exploits8References5
OSV
OSV
added 2026/06/25 1:55 p.m.2 views

SUSE-SU-2026:2634-1 Security update for python-pip

This update for python-pip fixes the following issues - CVE-2026-3219: pip doesn't reject concatenated ZIP bsc1262429. - CVE-2026-6357: pip self-update functionality can import newly installed modules after wheel installation bsc1263442. - CVE-2026-8643: path traversal via malicious entry point...

8CVSS6.4AI score0.0032EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 11:0 a.m.4 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.2AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/06/22 9:1 p.m.4 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.2AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/06/18 5:24 p.m.6 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.3AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/06/11 1:58 p.m.21 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.3AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/06/11 1:57 p.m.10 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.2AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/06/11 1:53 p.m.8 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.2AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/06/10 3:39 p.m.15 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.3AI score0.00459EPSS
Exploits2References8
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Logseq 操作系统命令注入漏洞

Logseq is an open-source knowledge management and collaboration platform developed by Logseq. Version Logseq v0.10.15 contains a vulnerability related to operating system command injection. This vulnerability stems from the IPC handler allowing renderer processes to execute shell commands, and...

8.7CVSS6.4AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/08 4:12 p.m.19 views

EUVD-2026-35126

AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path...

9.4CVSS5.6AI score0.00542EPSS
Exploits0References2
CVE
CVE
added 2026/06/08 4:12 p.m.35 views

CVE-2026-41448

CVE-2026-41448 affects AdGuard Home when started with --glinet. The vulnerability stems from unsanitized path construction in the authglinet middleware, enabling an authentication bypass via a crafted path traversal sequence in the Admin-Token cookie/header, yielding unauthenticated full admin ac...

9.4CVSS5.6AI score0.00542EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/04 2:30 a.m.14 views

SUSE CVE-2026-6873

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.http.HttpRequest.getsignedcookie in Django uses a non-injective salt derivation concatenating the cookie name and salt argument, which allows a remote attacker to use a cookie in a context different from the one wher...

4.8CVSS5.8AI score0.00245EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/05/26 2:54 p.m.10 views

Security update for go1.26-openssl

This update for go1.26-openssl fixes the following issues Security issues: CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. CVE-2026-39817: cmd/go: "go tool pack" do...

7.5CVSS5.9AI score0.00813EPSS
Exploits0References50
RedHat Linux
RedHat Linux
added 2026/05/20 1:36 p.m.17 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/05/20 11:57 a.m.20 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References8
Rows per page
Query Builder