17 matches found

Snyk
added 2026/06/11 1:28 p.m. | 8 views

Missing Release of Memory after Effective Lifetime

Overview: io.netty:netty-codec-http2 is an HTTP2 sub package for the netty library, an event-driven asynchronous network application framework. Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime in the DelegatingDecompressorFrameListener function...

CVSS 7.5 | AI score 5.4 | EPSS 0.00578
Exploits: 0 | References: 2
OSV
added 2026/06/10 12:31 a.m. | 5 views

GHSA-XVFQ-4Q6Q-GXX7 In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header

When an application opts into DelegatingDeserializer, a producer can grow the consumer's heap without bound by sending records with unique random spring.kafka.serialization.selector header values, eventually causing GC thrash and OutOfMemoryError. Affected versions: Spring for Apache Kafka 4.0.0...

CVSS 6.5 | AI score 5.3 | EPSS 0.00289
Exploits: 0 | References: 5
NVD
added 2026/06/10 12:16 a.m. | 11 views

CVE-2026-41726

When an application opts into DelegatingDeserializer, a producer can grow the consumer's heap without bound by sending records with unique random spring.kafka.serialization.selector header values, eventually causing GC thrash and OutOfMemoryError. Affected versions: Spring for Apache Kafka 4.0.0...

CVSS 6.5 | EPSS 0.00289
Exploits: 0 | References: 1
CNNVD
added 2026/06/10 12:0 a.m. | 19 views

VMware Spring for Apache Kafka Security Vulnerability

VMware Spring for Apache Kafka is a Kafka messaging integration framework developed by VMware, Inc. Vulnerabilities exist in versions 4.0.0 and earlier, as well as versions 3.3.0 and earlier, 3.2.0 and earlier, 2.9.0 and earlier, and 2.8.0 and earlier of VMware Spring for Apache Kafka. The...

CVSS 6.5 | AI score 5.3 | EPSS 0.00289
Exploits: 0 | References: 1
CVE
added 2026/06/09 11:48 p.m. | 36 views

CVE-2026-41726

In Spring for Apache Kafka, CVE-2026-41726 arises when an application uses the DelegatingDeserializer and an attacker can send records with unique, random spring.kafka.serialization.selector header values. This can cause the consumer’s heap to grow without bound, leading to garbage-collection thr...

CVSS 6.5 | AI score 5.5 | EPSS 0.00289
Exploits: 0 | References: 1
Vulnrichment
added 2026/06/09 11:48 p.m. | 8 views

CVE-2026-41726 In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header

When an application opts into DelegatingDeserializer, a producer can grow the consumer's heap without bound by sending records with unique random spring.kafka.serialization.selector header values, eventually causing GC thrash and OutOfMemoryError. Affected versions: Spring for Apache Kafka 4.0.0...

CVSS 6.5 | AI score 5.4 | EPSS 0.00289
Exploits: 0 | References: 1
Cvelist
added 2026/06/09 11:48 p.m. | 38 views

CVE-2026-41726 In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header

When an application opts into DelegatingDeserializer, a producer can grow the consumer's heap without bound by sending records with unique random spring.kafka.serialization.selector header values, eventually causing GC thrash and OutOfMemoryError. Affected versions: Spring for Apache Kafka 4.0.0...

CVSS 6.5 | EPSS 0.00289
Exploits: 0 | References: 1
Positive Technologies
added 2026/06/09 12:0 a.m. | 12 views

PT-2026-48322

Name of the Vulnerable Software and Affected Versions: Spring for Apache Kafka versions 4.0.0 through 4.0.5; Spring for Apache Kafka versions 3.3.0 through 3.3.15; Spring for Apache Kafka versions 3.2.0 through 3.2.13; Spring for Apache Kafka versions 2.9.0 through 2.9.13; Spring for Apache Kafka...

CVSS 6.5 | AI score 5.7 | EPSS 0.00289
Exploits: 0 | References: 8
NVD
added 2024/08/21 12:15 a.m. | 16 views

CVE-2024-43868

In the Linux kernel, the following vulnerability has been resolved: riscv/purgatory: align riscv_kernel_entry. When alignment handling is delegated to the kernel, everything must be word-aligned in purgatory, since the trap handler is then set to the kexec one. Without the alignment, hitting the...

CVSS 5.5 | EPSS 0.00222
Exploits: 0 | References: 5
Vulnrichment
added 2024/08/20 11:50 p.m. | 12 views

CVE-2024-43868 riscv/purgatory: align riscv_kernel_entry

In the Linux kernel, the following vulnerability has been resolved: riscv/purgatory: align riscv_kernel_entry. When alignment handling is delegated to the kernel, everything must be word-aligned in purgatory, since the trap handler is then set to the kexec one. Without the alignment, hitting the...

AI score 6.7 | EPSS 0.00222
Exploits: 0 | References: 4
OSV
added 2024/08/20 11:50 p.m. | 19 views

CVE-2024-43868 riscv/purgatory: align riscv_kernel_entry

In the Linux kernel, the following vulnerability has been resolved: riscv/purgatory: align riscv_kernel_entry. When alignment handling is delegated to the kernel, everything must be word-aligned in purgatory, since the trap handler is then set to the kexec one. Without the alignment, hitting the...

CVSS 5.5 | AI score 5.8 | EPSS 0.00222
Exploits: 0 | References: 8
Citrix
added 2024/07/13 12:0 a.m. | 8 views

How to Grant Rights to be able to Manage Computer Accounts using the Provisioning Services Console

This article describes how to delegate rights to the user or group to allow adding workstations to an Active Directory (AD) domain using the Provisioning Server console. Background: While it is possible to assign AD users or groups to Built-In groups within AD to enable this functionality such as...

AI score 7.2
Exploits: 0
CVE
added 2024/06/06 6:13 p.m. | 67 views

CVE-2024-32873

CVE-2024-32873 affects Evmos (EVM Hub on Cosmos). The issue: spendable balance is not updated during delegation from clawback vesting accounts, enabling anticipation of unvested tokens release. Root cause involves vesting/delegation logic and vesting/account handling; multiple connected reports d...

CVSS 4.3 | AI score 3.6 | EPSS 0.00384
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2024/06/06 6:13 p.m. | 29 views

CVE-2024-32873 evmos allows transferring unvested tokens after delegations

Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. The spendable balance is not updated properly when delegating vested tokens. The issue allows a clawback vesting account to anticipate the release of unvested tokens. This vulnerability is fixed in 18.0.0...

CVSS 3.5 | AI score 4.7 | EPSS 0.0044
Exploits: 0 | References: 4
Code423n4
added 2022/08/15 12:0 a.m. | 11 views

delegated value can go to negative value during subtracting with amount. This will cause issue when delegating amount again.

Lines of code Vulnerability details Impact re-delegating / delegating again could not get actual delegated value. Proof of Concept Tools Used Manual code review. VS code Recommended Mitigation Steps update delegated value to zero when it goes to negative value ifdelegated 0 delegated = 0; --- The...

AI score 7
Exploits: 0
Tenable Nessus
added 2021/09/08 12:0 a.m. | 372 views

Mozilla Thunderbird < 78.14

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-42 advisory. - Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety bugs present in Thunderbird...

CVSS 8.8 | AI score 8.3 | EPSS 0.01205
Exploits: 1 | References: 3
The Hacker News
added 2021/01/27 10:18 a.m. | 35 views

Using the Manager Attribute in Active Directory (AD) for Password Resets

Creating workflows around verifying password resets can be challenging for organizations, especially since many have shifted work due to the COVID-19 global pandemic. With the numbers of cyberattacks against businesses exploding and compromised credentials often being the culprit, companies have ...

AI score 0.3
Exploits: 0