
66 matches found

NVD
added last week | 12 views

CVE-2026-47205

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free (UAF) vulnerability leading to a sudden segmentation fault exists in Envoy's ext_authz HTTP filter when processing per-route authorization overrides...

CVSS 5.9 | EPSS 0.00387
Exploits 1 | References 1

ATTACKERKB
added last week | 5 views

CVE-2026-47205

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free (UAF) vulnerability leading to a sudden segmentation fault exists in Envoy's ext_authz HTTP filter when processing per-route authorization overrides...

CVSS 5.9 | AI score 5.8 | EPSS 0.00387
Exploits 1 | References 2 | Affected Software 1

NVD
added 2026/06/22 10:16 p.m. | 10 views

CVE-2026-56280

Cap-go before 12.128.2 contains a privilege inversion vulnerability in GET /build/logs/:jobId that allows read-only API key holders to cancel running native builds. The endpoint registers an abort listener on the SSE stream that unconditionally invokes cancelBuildOnDisconnect using the privileged...

CVSS 7.1 | EPSS 0.00262
Exploits 0 | References 2

AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerability in bluez

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free condition can occur when a client disconnects during D-Bus processing of a WriteValue call...

CVSS 9.1 | AI score 6.7 | EPSS 0.01544
Exploits 0 | References 2

OSV
added 2026/05/29 1:40 p.m. | 5 views

SUSE-SU-2026:21951-1 Security update for libsoup

This update for libsoup fixes the following issue: - CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution (bsc#1259767)...

CVSS 7.5 | AI score 5.9 | EPSS 0.00829
Exploits 1 | References 3

OSV
added 2026/04/07 8:39 a.m. | 3 views

SUSE-SU-2026:1192-1 Security update for python-pyOpenSSL

This update for python-pyOpenSSL fixes the following issues: - CVE-2026-27448: unhandled exception can result in connection not being cancelled (bsc#1259804). - CVE-2026-27459: large cookie value can lead to a buffer overflow (bsc#1259808)...

CVSS 9.8 | AI score 6.1 | EPSS 0.00704
Exploits 0 | References 5

CNNVD
added 2026/01/31 12:00 a.m. | 7 views

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of protection for null pointers when the USB connection is disconnected, potentially...

AI score 5.8 | EPSS 0.00194
Exploits 0 | References 3

CNNVD
added 2025/12/25 12:00 a.m. | 4 views

Pexip Infinity Security Vulnerability

Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from the Norwegian company Pexip. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity versions 38.0...

CVSS 7.5 | AI score 6.5 | EPSS 0.00218
Exploits 0 | References 2

Positive Technologies
added 2025/10/28 12:00 a.m. | 7 views

PT-2025-44229

Name of the Vulnerable Software and Affected Versions: X.Org X Server versions 2:21.1.16-1ubuntu1.2 and earlier; X.Org X Server (affected versions not specified). Description: The X.Org X Server contains flaws in memory handling and client resource cleanup. Specifically, the X Keyboard (Xkb) extension...

CVSS 7.8 | AI score 8.5 | EPSS 0.00481
Exploits 0 | References 148

RedhatCVE
added 2025/09/21 6:08 a.m. | 10 views

CVE-2025-10456

A vulnerability was identified in the handling of Bluetooth Low Energy (BLE) fixed channels (such as SMP or ATT). Specifically, an attacker could exploit a flaw that causes the BLE target (i.e., the device under attack) to attempt to disconnect a fixed channel, which is not allowed per the Bluetooth...

CVSS 7.1 | AI score 6.7 | EPSS 0.00195
Exploits 0 | References 1

IBM Security Bulletins
added 2025/07/23 1:33 p.m. | 12 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to unwanted disconnects due to the gRPC package (CVE-2023-33953)

Summary: gRPC is used by DataStage on Cloud Pak for Data as part of service communication. Vulnerability Details: CVEID: CVE-2023-33953. DESCRIPTION: gRPC contains a vulnerability that allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional...

CVSS 7.5 | AI score 7.7 | EPSS 0.00412
Exploits 0 | Affected Software 1

OSV
added 2025/05/01 1:15 p.m. | 1 view

UBUNTU-CVE-2025-37756

In the Linux kernel, the following vulnerability has been resolved: net: tls: explicitly disallow disconnect. syzbot discovered that it can disconnect a TLS socket and then run into all sorts of unexpected corner cases. I have a vague recollection of Eric pointing this out to us a long time ago...

CVSS 5.5 | AI score 6.2 | EPSS 0.00262
Exploits 0 | References 35

CNNVD
added 2025/02/27 12:00 a.m. | 4 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from mptcp handling fastopen disconnects incorrectly...

CVSS 5.5 | AI score 6.5 | EPSS 0.00191
Exploits 0 | References 7

OSV
added 2025/01/17 2:08 p.m. | 7 views

OESA-2025-1066 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected For those endpoint devices connect to system via hotplug capable ports, users could...

CVSS 7.8 | AI score 5.9 | EPSS 0.00535
Exploits 0 | References 15

RedHat Linux
added 2024/12/03 4:21 p.m. | 2 views

gRPC: hpack table accounting errors can lead to denial of service

A flaw was found in the gRPC lib. This vulnerability allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional cases. This issue leads to Unbounded memory buffering in the HPACK parser and Unbounded CPU consumption in the HPACK parser...

CVSS 7.5 | AI score 7.3 | EPSS 0.00412
Exploits 0 | References 6

BDU FSTEC
added 2024/10/29 12:00 a.m. | 6 views

Vulnerability in the Bluetooth technology of the Fire-Boltt Artillery Smart Watch that allows an attacker to disconnect the user from the application or expose protected information.

The vulnerability of the Bluetooth smart watch technology Fire-Boltt Artillery Smart Watch lies in improper cleaning or release of resources. Exploiting this vulnerability could allow a malicious actor to disconnect the user from the application or expose the protected information...

CVSS 8.2 | AI score 5.5 | EPSS 0.00239
Exploits 0 | References 2

Cvelist
added 2024/05/21 3:04 p.m. | 25 views

CVE-2021-47410 drm/amdkfd: fix svm_migrate_fini warning

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix svm_migrate_fini warning. Device manager releases device-specific resources when a driver disconnects from a device, devm_memunmap_pages and devm_release_mem_region calls in svm_migrate_fini are redundant. It causes below...

AI score 6.4 | EPSS 0.00208
Exploits 0 | References 2

RedhatCVE
added 2023/08/11 4:48 a.m. | 29 views

CVE-2023-33953

A flaw was found in the gRPC lib. This vulnerability allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional cases. This issue leads to Unbounded memory buffering in the HPACK parser and Unbounded CPU consumption in the HPACK parser...

CVSS 7.5 | AI score 7.2 | EPSS 0.00412
Exploits 0 | References 5

AlpineLinux
added 2023/08/09 1:15 p.m. | 30 views

CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

CVSS 7.5 | AI score 7.1 | EPSS 0.00412
Exploits 0

NVD
added 2023/08/09 1:15 p.m. | 13 views

CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

CVSS 7.5 | AI score 7.7 | EPSS 0.00412
Exploits 0 | References 1