Lucene search
K

3282 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.4 views

TencentOS Server 4: python-urllib3 (TSSA-2026:0112)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0112 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.9CVSS6.2AI score0.00622EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.9 views

Alibaba Cloud Linux 3 : 0039: brotli (ALINUX3-SA-2026:0039)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0039 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-6176: Scrapy versions up to 2.13.2 are...

7.5CVSS6AI score0.00509EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.6 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: resource-agents (UTSA-2026-005593)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005593 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded...

8.9CVSS6AI score0.00622EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/04 7:36 p.m.31 views

CVE-2026-28435 Payload size limit bypass via gzip decompression in ContentReader (streaming) allows oversized request bodies in cpp-httplib

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib httplib.h does not enforce Server::setpayloadmaxlength on the decompressed request body when using HandlerWithContentReader streaming ContentReader with Content-Encoding: gzip or other...

7.5CVSS0.00418EPSS
Exploits1References2
OSV
OSV
added 2026/03/04 7:36 p.m.4 views

CVE-2026-28435 Payload size limit bypass via gzip decompression in ContentReader (streaming) allows oversized request bodies in cpp-httplib

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib httplib.h does not enforce Server::setpayloadmaxlength on the decompressed request body when using HandlerWithContentReader streaming ContentReader with Content-Encoding: gzip or other...

7.5CVSS5.6AI score0.00418EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/04 6:31 p.m.64 views

EUVD-2026-9462

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

5.8CVSS6AI score0.0039EPSS
Exploits0References2
NVD
NVD
added 2026/03/04 6:16 p.m.7 views

CVE-2026-20057

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

5.8CVSS0.00432EPSS
Exploits0References1
NVD
NVD
added 2026/03/04 6:16 p.m.5 views

CVE-2026-20058

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

5.8CVSS0.0039EPSS
Exploits0References1
CVE
CVE
added 2026/03/04 5:47 p.m.10 views

CVE-2026-20058

CVE-2026-20058 affects Cisco products featuring the Snort 3 VBA capability. The issue stems from improper error checking when decompressing VBA data in the Snort 3 Detection Engine, which could allow an unauthenticated, remote attacker to send crafted VBA data over the network and cause the Detec...

5.8CVSS6AI score0.0039EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/04 5:47 p.m.35 views

CVE-2026-20058 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

5.8CVSS0.0039EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 5:47 p.m.4 views

CVE-2026-20058

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

5.8CVSS6AI score0.0039EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/03/04 5:47 p.m.4 views

CVE-2026-20057 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

5.8CVSS6AI score0.00432EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 5:47 p.m.4 views

CVE-2026-20057

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

5.8CVSS6AI score0.00432EPSS
Exploits0References2Affected Software3
Vulnrichment
Vulnrichment
added 2026/03/04 5:47 p.m.5 views

CVE-2026-20054 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Infinite Loop Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this...

5.8CVSS6AI score0.00432EPSS
Exploits0References1
CVE
CVE
added 2026/03/04 5:47 p.m.16 views

CVE-2026-20054

Cisco CVE-2026-20054 affects Snort 3 VBA feature. The vulnerability stems from improper error checking when decompressing VBA data, allowing an unauthenticated attacker to send crafted VBA to the Snort 3 Detection Engine and force an infinite loop, resulting in DoS. CVSS‑3.1 metrics: AV:N/AC:L/PR...

5.8CVSS6AI score0.00432EPSS
Exploits0References1
CVE
CVE
added 2026/03/04 5:46 p.m.13 views

CVE-2026-20053

Cisco CVE-2026-20053 affects multiple Cisco products via Snort 3 Visual Basic for Applications (VBA) Decompression Engine. The vulnerability stems from improper range checking when decompressing VBA data, which is user-controlled, enabling an unauthenticated, remote attacker to cause the Snort 3 ...

5.8CVSS6AI score0.00414EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/04 5:46 p.m.27 views

CVE-2026-20053 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Heap Overflow Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper range checking when decompressing VBA data, which is user controlled. An...

5.8CVSS0.00414EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/04 4:0 p.m.13 views

Multiple Cisco Products Snort 3 Visual Basic for Applications Denial of Service Vulnerabilities

Multiple Cisco products are affected by vulnerabilities in the Snort 3 Visual Basic for Applications VBA Decompression Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service DoS condition. For mor...

5.8CVSS6AI score0.00432EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/03/04 3:36 p.m.7 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.25 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.25 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

7.5CVSS7.1AI score0.00509EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/04 8:55 a.m.8 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.50 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.50 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

7.5CVSS7.1AI score0.00509EPSS
Exploits0References2
Rows per page
Query Builder