Lucene search
K

7406 matches found

Veracode
Veracode
added 5 days ago7 views

Sensitive Information Exposure

Apache Camel Undertow Component is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper handling of exception responses, where processing errors return full Java stack traces instead of suppressing them, allowing attackers to obtain sensitive information such as...

5.3CVSS5.9AI score0.00363EPSS
Exploits0References4Affected Software2
Snyk
Snyk
added 6 days ago4 views

Uncaught Exception

Overview github.com/nats-io/nats-server/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Uncaught Exception in the WebSocket listener routing, which dispatches requests for the...

8.2CVSS6.1AI score0.00593EPSS
Exploits0References2
NVD
NVD
added 6 days ago10 views

CVE-2026-59875

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.17, node-tar does not strip NUL bytes from PAX path and linkpath records in src/pax.ts, allowing a crafted archive with values to reach fs.lstat or fs.open and terminate the process with an uncaught exception. This issue is...

5.3CVSS0.00291EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-59875 node-tar: Uncaught Exception DoS via NUL byte in PAX path/linkpath records

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.17, node-tar does not strip NUL bytes from PAX path and linkpath records in src/pax.ts, allowing a crafted archive with values to reach fs.lstat or fs.open and terminate the process with an uncaught exception. This issue is...

5.3CVSS0.00291EPSS
Exploits0References3
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-59875

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.17, node-tar does not strip NUL bytes from PAX path and linkpath records in src/pax.ts, allowing a crafted archive with values to reach fs.lstat or fs.open and terminate the process with an uncaught exception. This issue is...

5.3CVSS5.9AI score0.00291EPSS
Exploits0
CVE
CVE
added 6 days ago23 views

CVE-2026-49145

CVE-2026-49145 affects App::Ack for Perl up to version 3.10.0. The flaw arises because ack searches upward for a project .ackrc and loads its options; the project-source blocklist did not include --files-from, allowing a project .ackrc to set --files-from to a path whose listed files ack will rea...

7.5CVSS6AI score0.00329EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 6 days ago4 views

CVE-2026-49365

A flaw was found in the Apache Camel Netty HTTP component. An unauthenticated remote attacker can exploit this vulnerability by sending a malformed request that triggers an exception during route processing. Due to a misconfiguration where muteException is set to false by default, the system...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago6 views

CVE-2026-56139

A flaw was found in the Apache Camel Undertow component. The camel-undertow HTTP server consumer, when processing errors, could return full Java stack traces in HTTP responses. This occurs because the muteException option, which controls what is returned to the client during errors, defaulted to...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-40859

A flaw was found in the camel-vertx-http component of Apache Camel. This vulnerability, a Deserialization of Untrusted Data, could allow a remote attacker to execute arbitrary code. By controlling the backend server or acting as a man-in-the-middle, an attacker could send a specially crafted...

8.1CVSS6.8AI score0.00724EPSS
Exploits1References4
OSV
OSV
added last week4 views

PYSEC-2026-1563 LlamaIndex Improper Handling of Exceptional Conditions vulnerability

A vulnerability in the LangChainLLM class of the run-llama/llamaindex repository, version v0.12.5, allows for a Denial of Service DoS attack. The streamcomplete method executes the llm using a thread and retrieves the result via the getresponsegen method of the StreamingGeneratorCallbackHandler...

7.5CVSS7.2AI score0.00761EPSS
Exploits1References6
OSV
OSV
added last week4 views

PYSEC-2026-1964 TensorFlow has Floating Point Exception in AvgPoolGrad with XLA

Impact If the stride and window size are not positive for tf.rawops.AvgPoolGrad, it can give an FPE. python import tensorflow as tf import numpy as np @tf.functionjitcompile=True def test: y = tf.rawops.AvgPoolGradoriginputshape=1,0,0,0, grad=0.39117979, ksize=1,0,0,0, strides=1,0,0,0,...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6
OSV
OSV
added last week4 views

PYSEC-2026-1960 TensorFlow has Floating Point Exception in AudioSpectrogram

Impact version:2.11.0 //core/ops/audioops.cc:70 Status SpectrogramShapeFnInferenceContext c ShapeHandle input; TFRETURNIFERRORc-WithRankc-input0, 2, &input; int32t windowsize; TFRETURNIFERRORc-GetAttr"windowsize", &windowsize; int32t stride; TFRETURNIFERRORc-GetAttr"stride", &stride; .....1...

7.5CVSS6.6AI score0.00383EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-956 TensorFlow has Floating Point Exception in TensorListSplit with XLA

Impact FPE in TensorListSplit with XLA python import tensorflow as tf func = tf.rawops.TensorListSplit para = 'tensor': 1, 'elementshape': -1, 'lengths': 0 @tf.functionjitcompile=True def fuzzjit: y = funcpara return y printfuzzjit Patches We have patched the issue in GitHub commit...

7.5CVSS5.9AI score0.00391EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-954 TensorFlow has Floating Point Exception in TFLite in conv kernel

Impact Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. Patches We have patched the issue in GitHub commit 34f8368c535253f5c9cb3a303297743b62442aaa. The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1. Fo...

7.5CVSS6AI score0.00391EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/07 3:49 a.m.6 views

EUVD-2026-42002

Uncaught Exception CWE-248 in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to trigger a Controller restart by sending specific requests, resulting in a temporary denial of service. Version of Command Centre affected: 9.50 prior t...

2.7CVSS6AI score0.00227EPSS
Exploits0References1
CVE
CVE
added 2026/07/07 3:49 a.m.16 views

CVE-2026-27790

CVE-2026-27790 affects the T20 Readers integration within Command Centre. An uncaught exception (CWE-248) in the system allows an authenticated and authorized operator to trigger a restart by sending specific requests, causing a temporary denial of service. Affected versions include: 9.50 prior t...

2.7CVSS6AI score0.00227EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 3:49 a.m.5 views

EUVD-2026-42001

Uncaught Exception CWE-248 in the T20 Readers allows an authenticated and authorized operator to trigger a restart by sending specific requests, resulting in a temporary denial of service. Version of Command Centre affected: 9.50 prior to vCR9.50.260616a distributed in 9.50.1587MR1 9.40 prior to...

2.7CVSS6AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 9:16 a.m.8 views

CVE-2026-56139

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component. The camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false,...

5.3CVSS0.00363EPSS
Exploits0References2
NVD
NVD
added 2026/07/06 9:16 a.m.8 views

CVE-2026-49365

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to fal...

5.3CVSS0.00363EPSS
Exploits0References2
NVD
NVD
added 2026/07/06 9:16 a.m.7 views

CVE-2026-40859

Deserialization of Untrusted Data vulnerability in Apache Camel. The camel-vertx-http component deserializes HTTP response bodies carrying the Content-Type application/x-java-serialized-object using a raw java.io.ObjectInputStream, without applying any ObjectInputFilter...

8.1CVSS0.00724EPSS
Exploits1References2
Rows per page
Query Builder