Lucene search
+L

782 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 5:0 p.m.5 views

CVE-2026-20084

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...

8.6CVSS5.8AI score0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:2 p.m.34 views

CVE-2026-20084

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...

8.6CVSS0.00354EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 2:16 p.m.4 views

ALPINE-CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 2:16 p.m.3 views

DEBIAN-CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS8.7AI score0.01545EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 1:25 p.m.69 views

CVE-2026-1519

Impact: BIND 9 DNSSEC resolvers may consume excessive CPU when validating DNSSEC in a malicious zone. Affected product: BIND 9 series (versions 9.11.0–9.16.50, 9.18.0–9.18.46, 9.20.0–9.20.20, 9.21.0–9.21.19, plus 9.11.3-S1–9.16.50-S1, 9.18.11-S1–9.18.46-S1, and 9.20.9-S1–9.20.20-S1). Root cause: ...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References28Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/25 1:25 p.m.2 views

CVE-2026-1519 Excessive NSEC3 iterations cause high CPU load during insecure delegation validation

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-1519

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers...

7.5CVSS7.5AI score0.01545EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. Vulnerabilities exist in versions of ISC BIND 9 such as 9.16.50 and earlier, 9.18.46 and earlier, 9.20.20 and earlier, 9.21.19 and earlier, 9.16.50-S1 and earlier, 9.18.46-S1 and earlier, and 9.20.20-S1 and earlier...

7.5CVSS7.5AI score0.01545EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.12 views

PT-2026-28168

Name of the Vulnerable Software and Affected Versions Rails versions prior to 8.1.2.1 Rails versions prior to 8.0.4.1 Rails versions prior to 7.2.3.1 Description Active Storage, used for attaching cloud and local files in Rails applications, is susceptible to a denial-of-service condition. The...

6.5CVSS5.8AI score0.00434EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.14 views

PT-2026-27790

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the DHCP snooping feature that may allow a remote attacker to forward BOOTP packets between VLANs, leading to a denial of service DoS. This is caused by imprope...

8.6CVSS5.9AI score0.00354EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.11 views

Parse Server 安全漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. There were security vulnerabilities in versions of Parse Server prior to 8.6.56 and 9.6.0-alpha.45. These vulnerabilities stemmed from the LiveQuery component no...

8.2CVSS5.8AI score0.00345EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.7 views

EulerOS 2.0 SP12 : golang (EulerOS-SA-2026-1363)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a respon...

7.5CVSS5.9AI score0.00626EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.7 views

EulerOS 2.0 SP12 : python-urllib3 (EulerOS-SA-2026-1378)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the...

8.9CVSS6.5AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.4 views

EulerOS 2.0 SP11 : python-urllib3 (EulerOS-SA-2026-1619)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the...

8.9CVSS6.5AI score0.00633EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/15 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-urllib3 (UTSA-2026-006157)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006157 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded...

8.9CVSS6.7AI score0.00633EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/05 8:23 a.m.4 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS5.7AI score0.00643EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.6 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: resource-agents (UTSA-2026-005593)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005593 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded...

8.9CVSS6AI score0.00633EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.4 views

Astra Linux – Vulnerability in python-urllib3

urllib3 is a user-friendly HTTP client library for Python. Starting from version 1.24 and before 2.6.0, the number of links in the decompression chain was unbounded, allowing a malicious server to insert virtually an unlimited number of compression steps. This led to high CPU usage and massive...

8.9CVSS6.5AI score0.00633EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/16 9:33 p.m.3 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS5.9AI score0.00633EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/16 11:40 a.m.14 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS5.9AI score0.00633EPSS
Exploits0References6
Rows per page
Query Builder