Lucene search
K

7602 matches found

Snyk
Snyk
added 2026/07/04 11:13 a.m.5 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the RRCInactiveTransitionReport function of the NGAP Message Handler component. An attacker can cause a service disruption by sending specially crafted messages remotely. Remediation Upgrade...

5.3CVSS6AI score0.00522EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/04 11:13 a.m.4 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the RRCInactiveTransitionReport function of the NGAP Message Handler component. An attacker can cause a service disruption by sending specially crafted messages remotely. Remediation Upgrade...

5.3CVSS6AI score0.00522EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/04 11:13 a.m.5 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/nas/nassecurity...

5.3CVSS5.9AI score0.00317EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/04 11:13 a.m.6 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/gmm to version...

5.3CVSS5.9AI score0.00317EPSS
Exploits0References2
NVD
NVD
added 2026/07/04 2:16 a.m.10 views

CVE-2025-71380

The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading to data exfiltration, service disruption, or...

8.8CVSS0.00413EPSS
Exploits0References2
CVE
CVE
added 2026/07/04 1:23 a.m.30 views

CVE-2025-71380

CVE-2025-71380 : The n8n Execute Command node is vulnerable to arbitrary command execution by authenticated users on the host running n8n. The issue allows user- or credential-compromised attackers to run commands that could exfiltrate data, disrupt services, or fully compromise the host. Concret...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/04 1:23 a.m.11 views

CVE-2025-71380

The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading to data exfiltration, service disruption, or...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References3
Snyk
Snyk
added 2026/07/03 10:18 p.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the CODEOWNERS pattern matching process. An attacker can cause excessive resource consumption by submitting specially crafted patterns, potentially leading to service unavailability. Remediation Upgrade...

7.5CVSS6AI score0.00331EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 8:30 p.m.2 views

GHSA-J8PH-6FXJ-G533 Steeltoe.Discovery.Eureka: Unrecognized DataCenterInfo.Name poisons entire registry fetch

Summary DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite the Java Eureka specification defining a third valid value: "Netflix". The exception propagates through the entire registry deserialization chain and is swallowed by the periodic...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/01 7:17 p.m.7 views

CVE-2026-58521

A flaw was found in the Mediawiki - Cargo Extension. This vulnerability allows an attacker to inject malicious commands into database queries. This could lead to unauthorized access to sensitive information, modification of data, or disruption of the database's availability...

9.8CVSS5.8AI score0.00283EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/07/01 12:0 a.m.8 views

The vulnerability of the authentication mechanism of the SAML-based NetScaler ADC controller (formerly Citrix ADC) and the NetScaler Gateway virtual environment access control system (formerly Citrix Gateway) allows a attacker to cause service interruptions.

The vulnerability of the SAML authentication mechanism for NetScaler ADC formerly Citrix ADC and the NetScaler Gateway virtual environment access control system formerly Citrix Gateway is related to reading data beyond the allowed range in memory. Exploiting this vulnerability could allow a...

9.7CVSS6.1AI score0.00502EPSS
Exploits1References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/30 12:0 a.m.4 views

The vulnerability of the ngx_http_charset_module module in NGINX Plus and NGINX Open Source web servers allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ngxhttpcharsetmodule module in NGINX Plus and NGINX Open Source web servers is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information or cause...

4.8CVSS6.3AI score0.00398EPSS
Exploits0References3Affected Software11
Redos
Redos
added 2026/06/26 12:0 a.m.5 views

ROS-20260626-73-0028

The vulnerability in ImageMagick 7 is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.8AI score0.00495EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/25 11:52 p.m.8 views

CVE-2026-53221

A flaw was found in the Linux kernel, specifically within the ip6vti component responsible for managing IPv6 tunnels. This vulnerability arises from an error in the vti6tnllookup function, which incorrectly matches network tunnels by failing to properly verify wildcard addresses during fallback...

9.8CVSS5.8AI score0.00559EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.4 views

The vulnerability of the `ip6_err_gen_icmpv6_unreach()` function in the `net/ipv6/icmp.c` module of the Linux operating system allows a attacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ip6errgenicmpv6unreach function in the net/ipv6/icmp.c module of the Linux operating system is related to access to resources through incompatible types. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause...

10CVSS6.2AI score0.00255EPSS
Exploits0References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.3 views

The vulnerability in the net/core/dev.c module of the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the net/core/dev.ct module in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS5.8AI score0.00371EPSS
Exploits0References11Affected Software2
RedhatCVE
RedhatCVE
added 2026/06/24 8:44 p.m.8 views

CVE-2026-52926

A flaw was found in the Linux kernel's batman-adv module, which is responsible for managing mesh networks. When a mesh network is being shut down, the system fails to properly clear the active gateway information. This leaves outdated network configuration data, which can prevent the mesh network...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in grub2

A vulnerability has been identified in the GRUB2 bootloader’s network module, posing an immediate Denial of Service DoS risk. This flaw is a use-after-free issue, as the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who can execute th...

4.9CVSS5.8AI score0.0013EPSS
Exploits0References3
PyPA
PyPA
added 2026/06/24 1:16 p.m.6 views

PYSEC-2026-229

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication,...

6.9CVSS5.8AI score0.00417EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/24 1:16 p.m.5 views

PYSEC-0000-CVE-2026-56262

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication,...

6.9CVSS5.8AI score0.00417EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder