Lucene search
+L

43 matches found

NVD
NVD
added last week6 views

CVE-2026-57221

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ does not perform authorization checks on passive queue.declare and exchange.declare AMQP 0-9-1 operations, allowing any authenticated user who can connect to a virtual host to enumerate queue and...

5.3CVSS0.00271EPSS
Exploits1References6
OSV
OSV
added last week3 views

CVE-2026-57221 RabbitMQ: Passive queue/exchange declaration bypasses authorization checks, leaking queue metadata to unprivileged users

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ does not perform authorization checks on passive queue.declare and exchange.declare AMQP 0-9-1 operations, allowing any authenticated user who can connect to a virtual host to enumerate queue and...

5.3CVSS6.1AI score0.00271EPSS
Exploits1References8
Cvelist
Cvelist
added last week32 views

CVE-2026-57221 RabbitMQ: Passive queue/exchange declaration bypasses authorization checks, leaking queue metadata to unprivileged users

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ does not perform authorization checks on passive queue.declare and exchange.declare AMQP 0-9-1 operations, allowing any authenticated user who can connect to a virtual host to enumerate queue and...

5.3CVSS0.00271EPSS
Exploits1References6
OSV
OSV
added 2026/06/24 4:29 p.m.3 views

CVE-2026-53008 ice: fix race condition in TX timestamp ring cleanup

In the Linux kernel, the following vulnerability has been resolved: ice: fix race condition in TX timestamp ring cleanup Fix a race condition between icefreetxtstampring and icetxmap that can cause a NULL pointer dereference. icefreetxtstampring currently clears the ICETXFLAGSTXTIME flag after...

4.7CVSS5.8AI score0.00077EPSS
Exploits0References5
OSV
OSV
added 2026/03/24 3:53 p.m.4 views

MAL-2026-2377 Malicious code in no-function-declare-after-return (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40f5de9e9b3e66259de31f34cf47ef3b38b8fefc1e80d860c6dab7cade495bca The package no-function-declare-after-return was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/24 3:53 p.m.7 views

Malicious code in no-function-declare-after-return (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40f5de9e9b3e66259de31f34cf47ef3b38b8fefc1e80d860c6dab7cade495bca The package no-function-declare-after-return was found to contain malicious code...

5.9AI score
Exploits0
NVD
NVD
added 2026/01/15 7:16 p.m.7 views

CVE-2025-70302

A heap overflow in the ghidmxdeclareopidbin function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted input...

5.5CVSS0.00188EPSS
Exploits1References1
OSV
OSV
added 2026/01/15 7:16 p.m.5 views

UBUNTU-CVE-2025-70302

A heap overflow in the ghidmxdeclareopidbin function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted input...

5.5CVSS5.8AI score0.00188EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/15 12:0 a.m.24 views

CVE-2025-70302

A heap overflow in the ghidmxdeclareopidbin function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted input...

0.00188EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.6 views

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC suffers from a heap buffer overflow vulnerability that stems from the ghidmxdeclareopidbin function failing to properly validate the length size of the input data, which can be exploited by an attacker to cause a denial of service...

5.5CVSS5.9AI score0.00188EPSS
Exploits1References2
CVE
CVE
added 2026/01/15 12:0 a.m.25 views

CVE-2025-70302

GPAC vulnerability CVE-2025-70302: A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 can be triggered by crafted input to cause a Denial of Service. The issue is rooted in improper handling/validation of the input length, leading to heap-based memory corruption. Multiple c...

5.5CVSS6.6AI score0.00188EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2026/01/15 12:0 a.m.6 views

CVE-2025-70302

A heap overflow in the ghidmxdeclareopidbin function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted input...

5.5CVSS5.3AI score0.00188EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-6441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The zvalgetlongfuncex in Zend/zendoperators.c in PHP 7.1.2 allows attackers to cause a denial of service NULL pointer dereference and application crash via...

7.5CVSS7.4AI score0.01832EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/04/05 2:24 a.m.6 views

SUSE CVE-2025-29072

An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop and high CPU usage by submitting a malicious Declare v2/v3 transaction. This results in a...

7.5CVSS7.2AI score0.00454EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/03/27 12:0 a.m.6 views

PT-2025-13278 · Unknown · Nethermind +1

Name of the Vulnerable Software and Affected Versions: Nethermind Juno versions prior to 0.12.5 Description: The issue is caused by an integer overflow within the Sierra bytecode decompression logic in the "cairo-lang-starknet-classes" library. This allows remote attackers to trigger an infinite...

9.6CVSS7.4AI score0.00872EPSS
Exploits2References18
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.7 views

The vulnerabilities of the functions DECLARE_RWSEM() and dvb_register_device() in the drivers/media/dvb-core/dvbdev.c module of the Linux kernel allow a hacker to cause a service failure.

The vulnerabilities of the functions DECLARERWSEM and dvbregisterdevice in the drivers/media/dvb-core/dvbdev.c module of the Linux kernel are related to resource management errors. Exploiting these vulnerabilities can allow an attacker to cause service failures...

5.5CVSS6.6AI score0.00272EPSS
Exploits0References18Affected Software7
Positive Technologies
Positive Technologies
added 2024/12/23 12:0 a.m.7 views

PT-2024-40974 · Crates.Io · Xous

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned, so the information cannot be determined. Description: The issue concerns the as slice and as slice mut functions, which are considered unsound. This is because any pointer, regardless of its bit...

7AI score
Exploits0References5
Oracle linux
Oracle linux
added 2024/05/23 12:0 a.m.384 views

systemd security update

239-82.0.1 - Fixed deletion issue for symlink when device is opened Orabug: 36228608 - Fix local-fs and remote-fs targets during system boot replaces old Orabug: 25897792 Orabug: 35871376 - 1A Add 'systemd-fstab-generator-reload-targets.service' file Orabug: 35871376 - 1B Add required rpms for...

5.9CVSS6.8AI score0.01051EPSS
Exploits4
CNNVD
CNNVD
added 2023/05/17 12:0 a.m.7 views

Snap One OvrC Cloud 输入验证错误漏洞

Snap One OvrC is a free cloud-based remote management and monitoring platform from Snap One USA. Snap One OvrC Cloud suffers from an input validation error vulnerability where an attacker could impersonate a hub and send a device request to declare a declared device...

8.6CVSS8.7AI score0.00517EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.5 views

SUSE CVE-2007-6019

Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly...

9.3CVSS8AI score0.5977EPSS
Exploits3References4
Rows per page
Query Builder