Lucene search
K

287 matches found

Cvelist
Cvelist
added 2026/06/23 4:39 p.m.33 views

CVE-2026-54021 Open WebUI: Authenticated users can target arbitrary configured Ollama backends via unguarded url_idx path parameter

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied urlidx path parameter and use it as a raw index into the admin-configured OLLAMABASEURLS list. Access...

6.3CVSS0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49466

Unauthenticated SQL Injection in Realtyna Organic IDX plugin = 5.1.0 versions...

9.3CVSS5.7AI score0.00291EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/29 7:43 p.m.11 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the parsing of maliciously crafted Git repository data, such as .pack, .idx, or loose objects. An attacker can cause the application to panic by providing a payload that excee...

6.9CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2026/05/28 10:16 a.m.19 views

CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

7.1CVSS0.00131EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/05/26 6:54 a.m.9 views

WordPress Realtyna Organic IDX plugin plugin <= 5.1.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by ParkHyunWoo in WordPress Plugin Realtyna Organic IDX plugin versions = 5.1.0...

5.9AI score0.00291EPSS
Exploits0Affected Software1
Amazon
Amazon
added 2026/05/26 12:0 a.m.19 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE CVE-2026-23401 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriti...

9.8CVSS6.2AI score0.00469EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2026/05/25 10:0 p.m.8 views

CVE-2026-9511

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.01057EPSS
Exploits0References5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:46 p.m.6 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in go-git [CVE-2026-34165]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in go-git, due to a flaw which can allow a maliciously crafted .idx file to cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service DoS condition...

5CVSS7.1AI score0.00147EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010799)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010799 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'actiondata.varrefidx' When generate a synthetic event wi...

5.5CVSS5.6AI score0.00187EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011157)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011157 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg Ensure idx is within range of active/initialized TC...

6.3AI score0.00193EPSS
Exploits0References4
NVD
NVD
added 2026/03/31 3:16 p.m.3 views

CVE-2026-34165

go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a...

5CVSS0.00147EPSS
Exploits0References2
OSV
OSV
added 2026/03/31 3:16 p.m.3 views

DEBIAN-CVE-2026-34165

go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a...

5CVSS7.6AI score0.00147EPSS
Exploits0References1
OSV
OSV
added 2026/03/31 3:16 p.m.4 views

UBUNTU-CVE-2026-34165

go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a...

5CVSS5.7AI score0.00147EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/03/31 1:46 p.m.4 views

CVE-2026-34165

go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a...

5CVSS7.6AI score0.00147EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/31 1:46 p.m.2 views

CVE-2026-34165 go-git: Maliciously crafted idx file can cause asymmetric memory consumption

go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a...

5CVSS5.7AI score0.00147EPSS
Exploits0References2
CVE
CVE
added 2026/03/31 1:46 p.m.18 views

CVE-2026-34165

CVE-2026-34165 affects go-git (the Go-based git library). From 5.0.0 up to, but not including, 5.17.1, a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting memory and causing a DoS. Exploitation requires write access to the local repository’s .git direct...

5CVSS5.7AI score0.00147EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/31 1:46 p.m.23 views

CVE-2026-34165 go-git: Maliciously crafted idx file can cause asymmetric memory consumption

go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a...

5CVSS0.00147EPSS
Exploits0References2
OSV
OSV
added 2026/03/31 1:46 p.m.3 views

CVE-2026-34165 go-git: Maliciously crafted idx file can cause asymmetric memory consumption

go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a...

5CVSS5.8AI score0.00147EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/30 5:17 p.m.23 views

go-git: Maliciously crafted idx file can cause asymmetric memory consumption

Impact A vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a Denial of Service DoS condition. Exploitation requires write access to the local repository's .git directory, it...

5CVSS5.8AI score0.00147EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.5 views

PT-2026-29159

Name of the Vulnerable Software and Affected Versions go-git versions 5.0.0 through 5.17.0 Description A crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service DoS condition. Exploitation requires write access to the...

5CVSS5.9AI score0.00201EPSS
Exploits0References184
Rows per page
Query Builder