Lucene search
K

7607 matches found

CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

NLnet Labs Routinator 安全漏洞

NLnet Labs Routinator is an open-source RPKI routing origin validation service developed by NLnet Labs. There is a security vulnerability in NLnet Labs Routinator: the system exits when an error occurs during HTTP or RTR connections. Attackers can exploit this condition by opening a large number ...

8.7CVSS5.3AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.10 views

CVE-2025-59853

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

5.3CVSS5.5AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.8 views

CVE-2026-27949

Plane is an an open-source project management tool. Prior to 1.3.0, a vulnerability was identified in Plane's authentication flow where a user's email address is included as a query parameter in the URL during error handling e.g., when an invalid magic code is submitted. Transmitting personally...

4.3CVSS5.5AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.10 views

CVE-2026-20450

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch...

6.5CVSS5.7AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 5:45 a.m.10 views

BIT-GOLANG-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...

5.3CVSS5.5AI score0.0037EPSS
Exploits0References5
OSV
OSV
added 2026/06/03 9:13 p.m.14 views

GHSA-R3XG-RG9J-67FV Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend

Impact The METS-GBS backend's XML parsing and the input document format detection lacked security controls, enabling: - XML External Entity XXE attacks to read local files or cause denial of service - Decompression bombs zip bombs to exhaust memory and disk space - Unbounded archive extraction...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References3
NVD
NVD
added 2026/06/03 6:16 p.m.13 views

CVE-2025-71313

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...

5.5CVSS0.00107EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.20 views

PT-2026-45984

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference can occur in the PCI endpoint component. The function alloc workqueue may return NULL during a memory allocation failure. If this return value is not properly...

5.5CVSS5.4AI score0.00107EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the use...

5.5CVSS6.3AI score0.00127EPSS
Exploits0References2
OSV
OSV
added 2026/06/02 11:16 p.m.8 views

UBUNTU-CVE-2026-42507

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...

5.3CVSS5.3AI score0.0037EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/02 10:1 p.m.7 views

CVE-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...

5.8AI score0.0037EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/06/02 6:9 a.m.90 views

JDWPEx

JDWP Remote Code Execution Exploit A Python 3 implement...

6.7AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/30 6:31 p.m.101 views

Exploit for Improper Input Validation in Paloaltonetworks Pan-Os

CVE-2024-3400 This program was improved upon to include a safe...

10CVSS7.4AI score0.99999EPSS
Exploits43
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/30 12:0 a.m.14 views

Security update for perl-YAML-Syck (moderate)

openSUSE Security Update: Security update for perl-YAML-Syck Announcement ID: openSUSE-SU-2026:0180-1 Rating: moderate References: 1252111 1259757 Cross-References: CVE-2025-11683 CVE-2026-4177 CVSS scores: CVE-2025-11683 SUSE: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products:...

6.5CVSS6.1AI score0.00429EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:8 a.m.9 views

RDMA/mana: Fix error unwind in mana_ib_create_qp_rss()

...

5.5CVSS5.4AI score0.00127EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.15 views

SUSE CVE-2026-46127

In the Linux kernel, the following vulnerability has been resolved: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdmacopypduresp Sashiko points out that pd-uctx isn't initialized until late in the function so all these error flow references are NULL and will crash. Use the uctx that isn't NU...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.17 views

SUSE CVE-2026-46211

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the user buffer is too small, the error code stored in ret is ignored becaus...

6.6CVSS5.9AI score0.00127EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.19 views

PT-2026-44986

Name of the Vulnerable Software and Affected Versions NanoMQ versions prior to 0.24.9 Description NanoMQ is an Edge Messaging Platform. A null pointer dereference can occur in the quic stream recv function when a substream is in a reopen state. The system completes the Asynchronous I/O AIO...

6.3CVSS5.8AI score0.00227EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

NanoMQ 代码问题漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. Versions of NanoMQ prior to 0.24.8 have code vulnerabilities. These vulnerabilities stem from the quicstreamrecv function, which cancels references to empty substream pointers when the substream is reopened,...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/28 9:12 p.m.15 views

CVE-2026-46112

A flaw was found in the Linux kernel's RDMA/hns component. An issue exists where the hnsroceqpremove function is called without proper locking during an error handling process. This can lead to memory corruption, potentially causing system instability or a denial of service DoS condition. A local...

7.8CVSS5.8AI score0.001EPSS
Exploits0References4
Rows per page
Query Builder