Lucene search
K

45 matches found

CVE
CVE
added 3 days ago12 views

CVE-2026-56240

Capgo vulnerable before version 12.128.12. The billing authorization bypass results from a flaw in the plan_valid calculation, allowing organizations with exhausted or expired usage credits to bypass billing gates and keep access to /updates, /stats, /channel_self, and attachment upload endpoints...

5.3CVSS6.1AI score0.00182EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-56240 Capgo - Billing Authorization Bypass via Exhausted Usage Credits

Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the planvalid calculation that allows organizations with exhausted or expired usage credit grants to bypass billing gates. Attackers can exploit the divergence between the plugin hot-path planvalid expression and the...

5.3CVSS0.00182EPSS
Exploits0References2
OSV
OSV
added 3 days ago2 views

CVE-2026-56240 Capgo - Billing Authorization Bypass via Exhausted Usage Credits

Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the planvalid calculation that allows organizations with exhausted or expired usage credit grants to bypass billing gates. Attackers can exploit the divergence between the plugin hot-path planvalid expression and the...

5.3CVSS6.1AI score0.00182EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 4:27 p.m.19 views

CVE-2026-13351 net: Maliciously fragmented IPv6 packets can prevent receiving/processing future incoming packets

Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragmented IPv6 packets. When such a packet is handled by the fragment-header processing path, the associated RX network packet buffer allocated from a memory...

7.5CVSS0.00278EPSS
Exploits1References1
OSV
OSV
added 2026/06/10 8:39 a.m.14 views

BIT-APACHE-2026-48913 Apache HTTP Server: mod_http2 memory corruption when file handles exhausted

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

7.3CVSS5.4AI score0.00479EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 4:16 p.m.15 views

CVE-2026-48913

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

7.3CVSS0.00479EPSS
Exploits0References2
OSV
OSV
added 2026/06/08 4:16 p.m.4 views

ALPINE-CVE-2026-48913

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

7.3CVSS6AI score0.00479EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/08 3:24 p.m.9 views

CVE-2026-48913 Apache HTTP Server: mod_http2 memory corruption when file handles exhausted

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

5.4AI score0.00479EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:24 p.m.6 views

CVE-2026-48913

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

7.3CVSS5.4AI score0.00479EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/08 3:24 p.m.103 views

CVE-2026-48913 Apache HTTP Server: mod_http2 memory corruption when file handles exhausted

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

0.00479EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.21 views

PT-2026-47331

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.55 through 2.4.67 Description A Use After Free issue exists in the mod http2 module of Apache HTTP Server, which occurs when file handles are already exhausted. Use After Free is a memory corruption flaw where a...

9.8CVSS5.4AI score0.97108EPSS
Exploits15References138
EUVD
EUVD
added 2026/05/27 12:55 p.m.14 views

EUVD-2026-32297

In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...

5.9AI score0.00129EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/27 9:24 a.m.41 views

CVE-2026-45843 slip: bound decode() reads against the compressed packet length

In the Linux kernel, the following vulnerability has been resolved: slip: bound decode reads against the compressed packet length slhcuncompress parses a VJ-compressed TCP header by advancing a pointer through the packet via decode and pull16. Neither helper bounds-checks against isize, and decod...

8.2CVSS0.00278EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/19 9:4 a.m.12 views

kernel: xfrm: Duplicate SPI Handling

In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRMMSGALLOCSPI Netlink message, which triggers the kernel function xfrmallocspi. This function is expected to ensure uniqueness of the Security...

7.8CVSS5.6AI score0.00147EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.6 views

PT-2026-4937

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtos compatibility layers/OSEK/tx osek.c when handling the return value of osek get counter. Specifically, the current code checks if cntr id equals 0u to determine failure, but @osek g...

7.8CVSS6AI score0.00105EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/05 4:15 p.m.7 views

CVE-2025-40250

Error handling in mlx5irqalloc destroys the entire CPU affinity rmap instead of just the failed mapping when requestirq returns an error. Concurrent threads accessing the rmap trigger a general protection fault as they dereference freed memory. The crash signature shows freeirqcpurmap accessing...

4.7CVSS6.5AI score0.00178EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/04 4:8 p.m.5 views

EUVD-2025-201207

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the other threads tries to access this, when requestirq fails due to exhauste...

5.9AI score0.00178EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/06 12:0 a.m.3 views

glibc 安全漏洞

glibc GNU C Library is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc version 2.15, which stems from a potential stack-based buffer overflow if the fixed-size cache of the Name Service Cache Daemon nscd is exhausted...

8.1CVSS7.2AI score0.0131EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/02/15 8:30 p.m.21 views

CVE-2024-0240 Silicon Labs EFR32 Bluetooth stack denial of service when sending notifications to multiple clients

A memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be exhausted when sending notifications to multiple clients, this results in all Bluetooth operations, such as advertising and scanning, to stop...

6.5CVSS6.8AI score0.0036EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/24 12:0 a.m.35 views

EulerOS 2.0 SP11 : containerd (EulerOS-SA-2023-1570)

According to the versions of the containerd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the hos...

6.5CVSS7.3AI score0.01022EPSS
Exploits0References2
Rows per page
Query Builder