Lucene search
K

1498 matches found

Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 24.04 LTS / 26.04 LTS : curl vulnerabilities (USN-8525-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8525-1 advisory. Harry Sintonen discovered that curl incorrectly handled credentials when following HTTP...

9.8CVSS6.7AI score0.01378EPSS
Exploits10References11
Tenable Nessus
Tenable Nessus
added 5 days ago5 views

RockyLinux 9 : nginx:1.26 (RLSA-2026:36639)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36639 advisory. nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes and Enhancements:...

9.2CVSS7.5AI score0.03459EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 6 days ago5 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Commo...

9.8CVSS7.2AI score0.11471EPSS
Exploits9References8
RedHat Linux
RedHat Linux
added 6 days ago10 views

Important: Red Hat Security Advisory: nginx:1.24 security, bug fix, and enhancement update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.2CVSS7.9AI score0.03459EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 6 days ago5 views

RockyLinux 9 : nginx:1.24 (RLSA-2026:36618)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36618 advisory. nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes and Enhancements:...

9.2CVSS7.5AI score0.03459EPSS
Exploits1References3
OSV
OSV
added last week6 views

ROOT-APP-MAVEN-CVE-2026-48043 CVE-2026-48043 in io.root.io.netty:netty-codec-http2 - Patched by Root

Root has patched CVE-2026-48043 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.9AI score0.00594EPSS
Exploits0
OSV
OSV
added last week9 views

ROOT-APP-MAVEN-CVE-2026-33871 CVE-2026-33871 in io.root.io.netty:netty-codec-http2 - Patched by Root

Root has patched CVE-2026-33871 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.9AI score0.01125EPSS
Exploits0
OSV
OSV
added last week4 views

ROOT-APP-MAVEN-CVE-2026-47244 CVE-2026-47244 in io.root.io.netty:netty-codec-http2 - Patched by Root

Root has patched CVE-2026-47244 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...

5.3CVSS5.9AI score0.00292EPSS
Exploits0
OSV
OSV
added last week17 views

ROOT-APP-MAVEN-CVE-2025-55163 CVE-2025-55163 in io.root.io.netty:netty-codec-http2 - Patched by Root

Root has patched CVE-2025-55163 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...

7.5CVSS6.9AI score0.00979EPSS
Exploits1
OSV
OSV
added 2026/07/06 6:26 a.m.5 views

OESA-2026-2821 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

7.5CVSS6.6AI score0.03782EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 6:26 a.m.5 views

OESA-2026-2820 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

7.5CVSS6AI score0.03782EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 2:4 a.m.2 views

SUSE-SU-2026:2759-1 Security update for apache2

This update for apache2 fixes the following issues - CVE-2026-29167: modldap per-dir use-after-free bsc1267976. - CVE-2026-29170: modproxyftp XSS bsc1267977. - CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. - CVE-2026-34356: malicious backend servers can lead to a heap-based buffer...

9.8CVSS7.2AI score0.11471EPSS
Exploits8References27
OSV
OSV
added 2026/07/06 12:0 a.m.5 views

ALSA-2026:35891 Important: nodejs:24 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References32
OSV
OSV
added 2026/07/03 7:16 a.m.3 views

ALPINE-CVE-2026-10536

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE, subsequently invokes curleasyreset, and finally terminates the handle with curleasycleanup. During this final cleanup phase, libcurl...

9.8CVSS6AI score0.00891EPSS
Exploits1References1
OSV
OSV
added 2026/07/02 4:26 p.m.26 views

ROOT-APP-MAVEN-CVE-2025-1948 CVE-2025-1948 in io.root.org.eclipse.jetty.http2:jetty-http2-common - Patched by Root

Root has patched CVE-2025-1948 in the io.root.org.eclipse.jetty.http2:jetty-http2-common package for Root:Maven. Multiple fixed versions available...

7.5CVSS7.1AI score0.00625EPSS
Exploits0
OSV
OSV
added 2026/07/02 4:26 p.m.16 views

ROOT-APP-MAVEN-CVE-2025-5115 CVE-2025-5115 in io.root.org.eclipse.jetty.http2:jetty-http2-common - Patched by Root

Root has patched CVE-2025-5115 in the io.root.org.eclipse.jetty.http2:jetty-http2-common package for Root:Maven. Multiple fixed versions available...

7.5CVSS7AI score0.01567EPSS
Exploits0
OSV
OSV
added 2026/07/02 9:47 a.m.2 views

OPENSUSE-SU-2026:21213-1 Security update for containerd

This update for containerd fixes the following issues Update to 1.7.33: - CVE-2024-25621: overly broad default permission vulnerability bsc1253126. - CVE-2025-64329: goroutine leaks can lead to memory exhaustion on the host bsc1253132. - CVE-2026-33186: google.golang.org/grpc: authorization bypas...

9.6CVSS6.8AI score0.01557EPSS
Exploits3References20
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.6 views

netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the DelegatingDecompressorFrameListener class. This resource leak could lead to an Out Of Memory Error OOME, potentially causing a Denial of Service DoS by taking down th...

7.5CVSS5.9AI score0.00594EPSS
Exploits0References7
NVD
NVD
added 2026/07/01 6:16 p.m.9 views

CVE-2026-54428

Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2...

7.5CVSS0.00587EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 6:16 p.m.3 views

UBUNTU-CVE-2026-54428

Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2...

7.5CVSS5.8AI score0.00587EPSS
Exploits0References5
Rows per page
Query Builder