Lucene search
+L

3974 matches found

nessus
nessus
added 2026/06/08 12:0 a.m.9 views

MiracleLinux 8 : httpd:2.4 (AXSA:2026-762:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-762:01 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in...

9.8CVSS7.3AI score0.04409EPSS
Exploits1References7
rustsec
rustsec
added 2026/06/06 12:0 p.m.23 views

DoS vulnerability in HTTP/1.x chunked encoding parser triggered by maliciously crafted chunk lengths

When using the affected versions of the vibeio-http crate, an attacker could craft a malicious HTTP/1.x request with a large chunk length between usize::MAX - 1 and usize::MAX inclusive and send it, causing the server to crash integer overflow panic in debug builds, splitto out of bounds panic in...

5.5AI score
Exploits0Affected Software1
nessus
nessus
added 2026/06/06 12:0 a.m.23 views

RHEL 9 : compat-openssl11 (RHSA-2026:22313)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:22313 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from th...

7.5CVSS5.6AI score0.00805EPSS
Exploits0References5
nessus
nessus
added 2026/06/06 12:0 a.m.30 views

RHEL 8 : httpd:2.4 (RHSA-2026:22140)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22140 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...

9.8CVSS6.4AI score0.04409EPSS
Exploits1References14
nessus
nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.12.0 : gnutls (EulerOS-SA-2026-2101)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory...

5.3CVSS6.6AI score0.00638EPSS
Exploits1References2
nessus
nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.13.0 : protobuf (EulerOS-SA-2026-2182)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

8.2CVSS6.5AI score0.00613EPSS
Exploits0References2
nessus
nessus
added 2026/06/06 12:0 a.m.15 views

RHEL 10 : php8.4 (RHSA-2026:22649)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22649 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also...

9.1CVSS5.8AI score0.0078EPSS
Exploits1References14
redhatcve
redhatcve
added 2026/06/05 7:37 p.m.15 views

CVE-2026-47706

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.71.0 through 0.315.6, the QueryDepthLimiter extension is vulnerable to an Application-level DOS due to a lack of cycle detection in fragment spreads. When a query contains circular fragment references the determinedepth...

5.3CVSS5.4AI score0.00296EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/06/05 7:21 p.m.11 views

CVE-2026-41309

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 \times 10000$ pixels. While the compressed file size...

8.2CVSS5.4AI score0.00369EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/04 2:6 p.m.10 views

CVE-2026-47706 Strawberry GraphQL has a Circular Fragment Reference DOS

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.71.0 through 0.315.6, the QueryDepthLimiter extension is vulnerable to an Application-level DOS due to a lack of cycle detection in fragment spreads. When a query contains circular fragment references the determinedepth...

5.3CVSS5.8AI score0.00296EPSS
Exploits1References2
redhat
redhat
added 2026/06/04 1:4 p.m.10 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.8AI score0.00337EPSS
Exploits0References5
redhat
redhat
added 2026/06/04 12:43 p.m.4 views

net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

A flaw was found in the net/mail package of the Go programming language. An attacker could provide specially crafted inputs to the ParseAddress, ParseAddressList, or ParseDate functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service DoS for...

7.5CVSS6.9AI score0.00784EPSS
Exploits0References8
cnnvd
cnnvd
added 2026/06/04 12:0 a.m.10 views

Strawberry GraphQL 安全漏洞

Strawberry GraphQL is an open-source Python GraphQL library that utilizes type annotations. Versions 0.172.0 to 0.315.6 of Strawberry GraphQL contain security vulnerabilities. These vulnerabilities stem from the MaxAliasesLimiter extension not taking into account the multiplicative amplification...

5.3CVSS5.3AI score0.00417EPSS
Exploits1References2
github
github
added 2026/06/03 9:5 p.m.15 views

React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint

There exists a potential DOS attack vector in React Router Framework Mode applications as well as Remix v2.10.0 - 2.17.4. Certain requests can be crafted to consume disproportionate resources on the server, resulting in response time degredation and/or service unavailability for end users. !NOTE...

7.5CVSS5.8AI score0.00299EPSS
Exploits0References3Affected Software2
cvelist
cvelist
added 2026/06/02 7:27 p.m.37 views

CVE-2021-4479 Dräger Atlan A350 1.00 <= 1.01 DoS via Medibus Interface

Dräger Atlan A350 versions 1.00 up to and including 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload...

6.3CVSS0.00241EPSS
Exploits0References2
cve
cve
added 2026/06/02 6:23 p.m.143 views

CVE-2026-42342

CVE-2026-42342 affects React Router and Remix Server Runtime: versions 7.0.0–7.14.x of react-router and 2.10.0–2.17.4 of @remix-run/server-runtime are vulnerable to DoS via unbounded path expansion on the __manifest endpoint, causing high resource usage and potential unavailability for Framework ...

7.5CVSS5.8AI score0.00299EPSS
Exploits0References1Affected Software2
osv
osv
added 2026/06/02 6:0 a.m.8 views

SUSE-SU-2026:2218-1 Security update for python3-Twisted

This update for python3-Twisted fixes the following issue - CVE-2026-42304: Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression bsc1265265...

7.5CVSS5.8AI score0.00433EPSS
Exploits1References3
redhatcve
redhatcve
added 2026/06/02 4:3 a.m.18 views

CVE-2025-60481

A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References1
osv
osv
added 2026/06/02 12:0 a.m.2 views

ALSA-2026:22649 Important: php8.4 security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

9.1CVSS7AI score0.0078EPSS
Exploits1References14
nessus
nessus
added 2026/06/02 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2025-60486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free in the dasherprocess function /filters/dasher.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS vi...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References3
Rows per page
Query Builder