Lucene search
K

53 matches found

CVE
CVE
added 2 days ago13 views

CVE-2026-51541

OpENer 2.3.0 (commit 76b95cf) is affected by CVE-2026-51541 due to an out-of-bounds read in CIP message parsing when processing malformed explicit requests with a forged EPath size. An ENIP SendRRData frame carrying a short CIP payload with a larger declared path_size can cause the parser to cont...

9.1CVSS6.1AI score0.00155EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-40208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame. CVE-2026-40208 Note that Nessus relies...

3.7CVSS6.1AI score0.00285EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 1:16 p.m.8 views

CVE-2026-40208

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS0.00285EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 12:22 p.m.1 views

CVE-2026-40208 Denial of service via DoH3 queries

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.9AI score0.00285EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 12:22 p.m.5 views

EUVD-2026-39347

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.9AI score0.00285EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 12:22 p.m.7 views

CVE-2026-40208

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.9AI score0.00285EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/25 12:22 p.m.6 views

CVE-2026-40208

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.9AI score0.00285EPSS
Exploits0
OSV
OSV
added 2026/06/03 8:0 p.m.2 views

CVE-2026-10766 mlrun DataFrame Hash helpers.py mlrun.utils.helpers.calculate_dataframe_hash weak hash

A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculatedataframehash of the file mlrun/utils/helpers.py of the component DataFrame Hash Handler. The manipulation leads to use of weak hash. The attack can only be performed from a local...

2CVSS4.5AI score0.00075EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Jetty9

In Eclipse Jetty, versions =9.4.57, =10.0.25, =11.0.25, =12.0.21, and =12.1.0alpha2, an HTTP/2 client may trigger the server to send RSTSTREAM frames. This can happen by sending frames that are malformed or should not be sent under certain stream conditions, thereby forcing the server to consume...

7.7CVSS6.8AI score0.01567EPSS
Exploits0References2
OSV
OSV
added 2026/04/21 5:11 p.m.20 views

CLSA-2026-1776791510 nginx: Fix of 5 CVEs

CVE-2017-7529: fix integer overflow in range filter - CVE-2018-16843: fix excessive memory consumption in HTTP/2 - CVE-2018-16844: fix excessive CPU usage in HTTP/2 - CVE-2019-9511: fix excessive memory growth via HTTP/2 DATA frame manipulation - CVE-2019-9513: fix excessive CPU usage via HTTP/2...

7.8CVSS7AI score0.82017EPSS
Exploits6References1
CloudLinux
CloudLinux
added 2026/04/21 5:11 p.m.16 views

nginx: Fix of 5 CVEs

CVE-2017-7529: fix integer overflow in range filter - CVE-2018-16843: fix excessive memory consumption in HTTP/2 - CVE-2018-16844: fix excessive CPU usage in HTTP/2 - CVE-2019-9511: fix excessive memory growth via HTTP/2 DATA frame manipulation - CVE-2019-9513: fix excessive CPU usage via HTTP/2...

7.8CVSS8.7AI score0.82017EPSS
Exploits6
OSV
OSV
added 2026/04/21 5:8 p.m.17 views

CLSA-2026-1776791328 nginx: Fix of 5 CVEs

CVE-2017-7529: fix integer overflow in range filter - CVE-2018-16843: fix excessive memory consumption in HTTP/2 - CVE-2018-16844: fix excessive CPU usage in HTTP/2 - CVE-2019-9511: fix excessive memory growth via HTTP/2 DATA frame manipulation - CVE-2019-9513: fix excessive CPU usage via HTTP/2...

7.8CVSS7.3AI score0.82017EPSS
Exploits6References1
EUVD
EUVD
added 2026/04/06 6:33 p.m.6 views

EUVD-2026-19337

Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection...

7.6CVSS5.9AI score0.00149EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/06 3:33 p.m.27 views

CVE-2026-21381 Buffer Over-read in WLAN Firmware

Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection...

7.6CVSS0.00149EPSS
Exploits0References1
CVE
CVE
added 2026/04/06 3:33 p.m.18 views

CVE-2026-21381

CVE-2026-21381 is described in connected records as a buffer over-read in WLAN firmware causing a transient denial-of-service when a service data frame with excessive length is processed during device matching over a neighborhood awareness network protocol. This CVE is associated with WLAN firmwa...

7.6CVSS5.9AI score0.00149EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/16 2:19 p.m.6 views

UBUNTU-CVE-2026-32314

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new...

8.7CVSS5.8AI score0.00451EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/13 8:4 p.m.3 views

EUVD-2026-12095

Yamux vulnerable to remote Panic via malformed Data frame with SYN set and len = 262145...

8.7CVSS5.8AI score0.00451EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/03/13 8:4 p.m.12 views

Yamux vulnerable to remote Panic via malformed Data frame with SYN set and len = 262145

Summary The Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new inbound stream, stream state is created and a receiver is queued before oversized-body validati...

8.7CVSS5.8AI score0.00451EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/13 8:4 p.m.6 views

GHSA-VXX9-2994-Q338 Yamux vulnerable to remote Panic via malformed Data frame with SYN set and len = 262145

Summary The Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new inbound stream, stream state is created and a receiver is queued before oversized-body validati...

8.7CVSS5.8AI score0.00451EPSS
Exploits1References3
CVE
CVE
added 2026/03/13 7:53 p.m.30 views

CVE-2026-32314

CVE-2026-32314 affects the Rust Yamux implementation prior to 0.13.10. A crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULT_CREDIT (e.g., 262145) can cause a panic. On the first packet of a new inbound stream, a receiver is queued before oversized-body validation...

8.7CVSS5.8AI score0.00451EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder