
103211 matches found

Fedora
added 2026/03/21 12:55 a.m., 6 views

[SECURITY] Fedora 43 Update: cpp-httplib-0.37.1-2.fc43

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include the httplib.h file in your code!...

7.5 CVSS, 5.7 AI score, 0.00602 EPSS
Exploits: 4

NVD
added 2026/03/20 11:16 p.m., 3 views

CVE-2026-33180

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.0, when setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP...

8.2 CVSS, 0.00264 EPSS
Exploits: 0, References: 4

UbuntuCve
added 2026/03/20 11:16 p.m., 8 views

CVE-2026-33231

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, nltk.app.wordnet_app allows unauthenticated remote shutdown of the local WordNet Browser HTTP server whe...

7.5 CVSS, 5.9 AI score, 0.00855 EPSS
Exploits: 1, References: 4

CVE
added 2026/03/20 10:45 p.m., 40 views

CVE-2026-33231

CVE-2026-33231 affects NLTK’s nltk.app.wordnet_app in versions 3.9.3 and earlier, where the WordNet Browser HTTP server started in default mode can be remotely shut down by an unauthenticated GET request to /SHUTDOWN%20THE%20SERVER, causing a denial of service via os._exit(0). IBM’s bulletin/Secur...

7.5 CVSS, 5.8 AI score, 0.00855 EPSS
Exploits: 1, References: 7, Affected Software: 1

Cvelist
added 2026/03/20 10:45 p.m., 22 views

CVE-2026-33231 NLTK has unauthenticated remote shutdown in nltk.app.wordnet_app

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, nltk.app.wordnet_app allows unauthenticated remote shutdown of the local WordNet Browser HTTP server whe...

7.5 CVSS, 0.00855 EPSS
Exploits: 1, References: 2

ATTACKERKB
added 2026/03/20 10:45 p.m., 5 views

CVE-2026-33231

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, nltk.app.wordnet_app allows unauthenticated remote shutdown of the local WordNet Browser HTTP server whe...

7.5 CVSS, 5.8 AI score, 0.00855 EPSS
Exploits: 1, References: 3, Affected Software: 1

EUVD
added 2026/03/20 10:23 p.m., 4 views

EUVD-2026-13830

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

9.1 CVSS, 5.9 AI score, 0.01557 EPSS
Exploits: 1, References: 1

CVE
added 2026/03/20 10:23 p.m., 343 views

CVE-2026-33186

Summary: CVE-2026-33186 affects gRPC-Go prior to 1.79.3, where authorization bypass could occur due to improper input validation of the HTTP/2 :path header. The server accepted non-canonical paths like Service/Method (missing leading slash), causing canonical “deny” rules in path-based authorizat...

9.1 CVSS, 5.9 AI score, 0.01557 EPSS
Exploits: 1, References: 163, Affected Software: 1

Debian CVE
added 2026/03/20 10:23 p.m., 5 views

CVE-2026-33186

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

9.1 CVSS, 7.6 AI score, 0.01557 EPSS
Exploits: 1

Cvelist
added 2026/03/20 10:19 p.m., 21 views

CVE-2026-33180 HAPI FHIR HTTP authentication leak in redirects

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.0, when setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP...

7.5 CVSS, 0.00264 EPSS
Exploits: 0, References: 1

NVD
added 2026/03/20 10:16 p.m., 8 views

CVE-2026-23536

A security issue was discovered in the Feast Feature Server's /read-document endpoint that allows an unauthenticated remote attacker to read any file accessible to the server process. By sending a specially crafted HTTP POST request, an attacker can bypass intended access restrictions to...

7.5 CVSS, 0.00594 EPSS
Exploits: 0, References: 3

Snyk
added 2026/03/20 8:50 p.m., 5 views

Use of Incorrectly-Resolved Name or Reference

Overview h3 is a Minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via the mount method. An attacker can manipulate request context and set unintended privilege flags by crafting...

6.3 CVSS, 5.9 AI score, 0.00239 EPSS
Exploits: 1, References: 2

Cvelist
added 2026/03/20 6:19 p.m., 23 views

CVE-2026-32309 Cryptomator: Hub unlocking accepts plaintext HTTP and unvalidated endpoint schemes

Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.1, the Hub-based unlock flow explicitly supports hub+http and consumes Hub endpoints from vault metadata without enforcing HTTPS. As a result, a vault configuration can drive OAuth and key-loading traffic over...

8.7 CVSS, 0.00204 EPSS
Exploits: 0, References: 2

OSV
added 2026/03/20 2:24 p.m., 7 views

OESA-2026-1667 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP...

9.4 CVSS, 5.8 AI score, 0.00644 EPSS
Exploits: 0, References: 4

OSV
added 2026/03/20 2:24 p.m., 5 views

OESA-2026-1666 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP...

9.4 CVSS, 5.8 AI score, 0.00644 EPSS
Exploits: 0, References: 4

OSV
added 2026/03/20 2:24 p.m., 5 views

OESA-2026-1665 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP...

9.4 CVSS, 5.8 AI score, 0.00644 EPSS
Exploits: 0, References: 4

OSV
added 2026/03/20 2:24 p.m., 6 views

OESA-2026-1651 tomcat security update

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Improper Input Validation...

9.1 CVSS, 5.7 AI score, 0.00498 EPSS
Exploits: 0, References: 4

OSV
added 2026/03/20 2:23 p.m., 6 views

OESA-2026-1637 cpp-httplib security update

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.1, when a cpp-httplib client uses the...

8.7 CVSS, 5.6 AI score, 0.00453 EPSS
Exploits: 2, References: 3

vulnersOsv
added 2026/03/20 12:0 p.m., 5 views

NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +487 more potentially affected by unknown CVE via tokio-signal (>=0.1.5 <=0.3.0-alpha.1)

tokio-signal CARGO version =0.1.5, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.2.5 - actix-identity =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0065...

5.8 AI score
Exploits: 0

OSV
added 2026/03/20 11:48 a.m., 1 views

SUSE-SU-2026:20768-1 Security update for python311

This update for python311 fixes the following issues: Updated to Python 3.11.15: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

7.5 CVSS, 7.1 AI score, 0.01525 EPSS
Exploits: 0, References: 17