Lucene search
K

3213 matches found

Nuclei
Nuclei
added 13 hours ago10 views

webp_server_go 0.4.0 - Path Traversal

webpservergo 0.4.0 contains a path traversal caused by insufficient sanitization in file handling, letting attackers read arbitrary files on the server, exploit requires attacker to send crafted requests. id: CVE-2021-46104 info: name: webpservergo 0.4.0 - Path Traversal author: pikpikcu severity...

7.5CVSS7.2AI score0.04231EPSS
Exploits1References1
EUVD
EUVD
added 16 hours ago4 views

EUVD-2026-40420

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS5.8AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-42342

A flaw was found in React Router and @remix-run/server-runtime. A remote attacker can exploit this vulnerability by sending certain crafted requests to the manifest endpoint. This can lead to unbounded path expansion, consuming disproportionate server resources. The primary consequence is a denia...

7.5CVSS5.7AI score0.00299EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago4 views

CVE-2026-40984

A flaw was found in Micrometer. A remote attacker can provide specially crafted HTTP requests, which may lead to a denial-of-service DoS condition. This vulnerability allows an attacker to disrupt the availability of the affected system...

7.5CVSS5.9AI score0.00573EPSS
Exploits0References4
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-40011

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/24 3:34 a.m.30 views

CVE-2026-12488 GeoVision GV-VMS V20 GV-Cloud memory corruption vulnerability

A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability...

6.2CVSS0.00197EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 8:16 p.m.8 views

CVE-2026-10852

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server...

7.5CVSS0.0026EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 7:32 p.m.6 views

CVE-2026-10852

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server...

5.9CVSS5.8AI score0.0026EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/22 7:32 p.m.18 views

CVE-2026-10852

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server...

7.5CVSS5.8AI score0.0026EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/22 7:32 p.m.4 views

CVE-2026-10852 Websphere Application Server is Affected By a Denial of Service in IBM WebSphere Application Server Liberty

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server...

5.9CVSS5.8AI score0.0026EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 7:32 p.m.4 views

EUVD-2026-38346

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server...

5.9CVSS5.8AI score0.0026EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 2:53 p.m.29 views

CVE-2026-9320 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory...

5.9CVSS0.00323EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 2:47 p.m.30 views

CVE-2026-9071 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by Uncontrolled Resource Consumption

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory...

7.5CVSS0.00314EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.9 views

PT-2026-51349

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 Description A denial of service issue exists where a remote attacker can se...

7.5CVSS5.8AI score0.00314EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.8 views

PT-2026-51351

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 Description A denial of service issue exists where a remote attacker can se...

7.5CVSS5.8AI score0.00323EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in dcmtk

DCMTK through version 3.6.6 does not handle memory deallocation properly. The malloc function allocates heap memory for data parsing, but does not deallocate that memory when there are errors in parsing. Sending specific requests to the dcmqrdb program leads to memory leaks. An attacker can use...

7.5CVSS6.7AI score0.01595EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in json-smart

A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4, which causes a denial of service DOS through a crafted web request...

7.5CVSS6.5AI score0.023EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Zabbix

The Zabbix server is vulnerable to a Denial-of-Service DoS vulnerability due to uncontrolled resource exhaustion. An attacker can send specially crafted requests to the server, causing the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations. This...

6.5CVSS6.5AI score0.00334EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 4:17 p.m.19 views

CVE-2026-20220

Cisco CVE-2026-20220 affects the web-based management interface of Cisco Crosswork Network Controller. The root cause is insufficient input validation in the configuration template engine. An authenticated attacker with write permissions to a template user can send crafted requests to execute arb...

6.3CVSS6.2AI score0.00253EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.28 views

CVE-2026-50872

An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request...

0.0056EPSS
Exploits0References1
Rows per page
Query Builder