Lucene search
+L

8 matches found

RedHat Linux
RedHat Linux
added 6 days ago8 views

Important: Red Hat Security Advisory: nginx:1.24 security, bug fix, and enhancement update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.2CVSS7.4AI score0.03552EPSS
Exploits1References2
OSV
OSV
added 2026/07/08 12:3 p.m.2 views

RLSA-2026:36618 Important: nginx:1.24 security, bug fix, and enhancement update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...

8.1CVSS7.4AI score0.03552EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2026/06/13 4:5 a.m.134 views

Exploit for Memory Allocation with Excessive Size Value in Apache Http_Server

http2-bomb-detector HTTP/2 Bomb CVE-2026-49975 Non-destru...

7.5CVSS5.6AI score0.11471EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.142 views

Apache 2.4.x < 2.4.68 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.68. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.68 advisory. - CVE-2026-49975, also known as HTTP/2 Bomb, is a remote denial-of-service exploit against most major web servers, including:...

9.8CVSS5.4AI score0.11471EPSS
Exploits8References13
ATTACKERKB
ATTACKERKB
added 2026/06/06 9:14 a.m.10 views

CVE-2026-10725

Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per index...

5.7AI score0.00414EPSS
Exploits0References4
OSV
OSV
added 2026/06/06 9:14 a.m.2 views

CVE-2026-10725 Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb

Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per indexe...

7.5CVSS6.1AI score0.00414EPSS
Exploits0References10
CVE
CVE
added 2026/06/06 9:14 a.m.81 views

CVE-2026-10725

Protocol::HTTP2 for Perl (versions up to 1.12) is vulnerable to an HTTP/2 Bomb. The inbound HPACK path lacks a header-list size limit; headers_decode materialises a full key+value copy per indexed reference with no running size check, and stream_header_block_add appends every CONTINUATION frame u...

7.5CVSS5.7AI score0.00414EPSS
Exploits0References6Affected Software1
GithubExploit
GithubExploit
added 2026/06/04 6:22 a.m.752 views

Exploit for CVE-2026-49975

CVE-2026-49975 — HTTP/2 Bomb PoC !CVEhttps://img.shields...

5.8AI score0.11471EPSS
Exploits8
Rows per page
Query Builder