Lucene search
K

3614 matches found

hivepro
hivepro
added 2026/05/26 10:10 a.m.12 views

Identity Exposure Management: Risks and Response

Start with the path that carries risk. Security teams need a clear view of access risk. Stolen tokens and excessive privileges turn legitimate access into an attack route. Identity risk becomes urgent when one exposed account opens a path across critical systems. Identity exposure management is t...

5.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/26 3:25 a.m.18 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS5.8AI score0.00615EPSS
Exploits0References8
Snyk
Snyk
added 2026/05/22 1:44 p.m.15 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the WebSocket process. An attacker can cause the server to crash and disrupt service availability for all users by sending a specially crafted binary WebSocket message to the public endpoin...

8.7CVSS5.8AI score0.00327EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.11 views

PT-2026-42779

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Parsing arbitrary HTML can consume excessive CPU time, which may lead to a denial of service a condition where a system becomes unavailable to its intended users...

9.8CVSS5.9AI score0.00248EPSS
Exploits0
EUVD
EUVD
added 2026/05/21 2:8 p.m.14 views

EUVD-2026-31288

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

6.3CVSS5.8AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 2:8 p.m.43 views

CVE-2026-1816 OTP Bypass in TEİAŞ's Mobile Application

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

6.3CVSS0.00184EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.17 views

PT-2026-42475

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

6.3CVSS5.8AI score0.00184EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.12 views

LiteLLM 安全漏洞

LiteLLM is an open-source application developed by Berri AI. It can utilize all LLM APIs in the OpenAI format. Versions of LiteLLM prior to 1.83.14 contained a security vulnerability. This vulnerability stemmed from the lack of verification of whether the allowedroutes field was within the user’s...

8.8CVSS5.8AI score0.00739EPSS
Exploits3References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 2:14 p.m.7 views

CVE-2026-8488

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

4.3CVSS5.8AI score0.00364EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/20 2:14 p.m.12 views

EUVD-2026-31119

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

4.3CVSS5.8AI score0.00364EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 2:6 p.m.39 views

CVE-2026-8485 Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation

Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

5.9CVSS0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/20 9:0 a.m.10 views

CVE-2026-9064

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.9AI score0.00815EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in binutils

It has been discovered that GNU Binutils prior to version 2.40 contains a vulnerability involving excessive memory consumption, caused by the loadseparatedebugfiles function in dwarf2.c. An attacker could provide a crafted ELF file and trigger a DNS attack...

5.5CVSS5.3AI score0.00483EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It involves an attempt at excessive memory allocation in the bfdelfslurpversiontables function within elf.c...

5.5CVSS6.8AI score0.01097EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libwebp

A flaw was discovered in libwebp in versions prior to 1.0.1. When reading a file, libwebp allocates an excessive amount of memory. The greatest threat posed by this vulnerability is related to service availability...

7.5CVSS6.8AI score0.01966EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Wireshark

Excessive loops in multiple dissectors in Wireshark versions 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 allow denial of service via packet injection or crafted capture files...

6.5CVSS6.8AI score0.00887EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. The vulnerability affects the intrcallback function in the drivers/net/usb/r8152.c file of the BPF component. Manipulation of this function results in the logging of excessive data. The attack can be...

5.3CVSS6.5AI score0.02211EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 4:19 p.m.13 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS7.2AI score0.00615EPSS
Exploits0References8
NVD
NVD
added 2026/05/19 3:16 p.m.15 views

CVE-2026-45557

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

6.9CVSS0.00389EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/19 1:47 p.m.6 views

CVE-2026-45557

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

6.9CVSS5.8AI score0.00389EPSS
Exploits0References4
Rows per page
Query Builder