CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Amazon•added 2026/05/26 12:0 a.m.•6 views

Important: oci-add-hooks

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00054EPSS

Exploits0

Veracode•added 2024/07/11 6:19 a.m.•11 views

Improper Access Control

ssddanbrown/bookstack is vulnerable to Improper Access Control. The vulnerability is due to the lack of proper validation in BookStack, that allowing attackers to confirm existing system users and perform targeted notification email DoS via public facing forms...

7.5CVSS6.7AI score0.00229EPSS

Exploits0References5Affected Software1

OSV•added 2024/07/10 12:30 a.m.•10 views

GHSA-PJ36-FCRG-327J BookStack Incorrect Access Control vulnerability

Incorrect access control in BookStack before v24.05.1 allows attackers to confirm existing system users and perform targeted notification email DoS via public facing forms...

8.8CVSS7.5AI score0.00229EPSS

Exploits0References6

NVD•added 2024/07/09 10:15 p.m.•16 views

CVE-2024-36676

Incorrect access control in BookStack before v24.05.1 allows attackers to confirm existing system users and perform targeted notification email DoS via public facing forms...

7.5CVSS0.00229EPSS

Exploits0References3

CVE•added 2024/07/09 12:0 a.m.•140 views

CVE-2024-36676

The CVE-2024-36676 entry concerns BookStack prior to v24.05.1, where an incorrect access control flaw allows an attacker to confirm existing system users and trigger a targeted notification email DoS via public-facing forms. The vulnerability is documented in multiple sources (e.g., BookStack rel...

7.5CVSS7AI score0.00229EPSS

Exploits0References3

Cvelist•added 2024/07/09 12:0 a.m.•17 views

CVE-2024-36676

Incorrect access control in BookStack before v24.05.1 allows attackers to confirm existing system users and perform targeted notification email DoS via public facing forms...

0.00229EPSS

Exploits0References3

Vulnrichment•added 2024/07/09 12:0 a.m.•13 views

CVE-2024-36676

Incorrect access control in BookStack before v24.05.1 allows attackers to confirm existing system users and perform targeted notification email DoS via public facing forms...

6.9AI score0.00229EPSS

Exploits0References3

Packet Storm•added 2024/01/11 12:0 a.m.•362 views

PHPJabbers Event Ticketing System 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Event Ticketing System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1.0 Tested on...

7.4AI score0.00216EPSS

Exploits2

NVD•added 2021/09/06 2:15 p.m.•16 views

CVE-2021-36093

It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions...

5.3CVSS0.0047EPSS

Exploits0References1

OSV•added 2021/09/06 2:15 p.m.•1 views

CVE-2021-36093

5.3CVSS5.8AI score

Exploits0References1