Lucene search
+L

562 matches found

Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-61872 ImageMagick before 7.1.2-26 Memory Leak via TIFF Encoder

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the TIFF encoder when an invalid tiff:tile-geometry is specified. Supplying malformed tile geometry parameters causes allocated memory not to be released, which can lead to increased memory consumption...

2.5CVSS0.00096EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/08 7:33 p.m.7 views

mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase

A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...

7.5CVSS6.6AI score0.04409EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/07/07 9:48 p.m.4 views

mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase

A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...

7.5CVSS5.9AI score0.04409EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/06/26 2:13 a.m.9 views

SUSE CVE-2026-53002

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace it with scnprintf, the buffer sizes are expected to be large enough to hold the result, no need for snprintf+overflow check. Increase buffer size in manglecontentlen while at it...

9.8CVSS5.9AI score0.00359EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.37 views

CVE-2026-53002 netfilter: conntrack: remove sprintf usage

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace it with scnprintf, the buffer sizes are expected to be large enough to hold the result, no need for snprintf+overflow check. Increase buffer size in manglecontentlen while at it...

9.8CVSS0.00359EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:29 p.m.42 views

CVE-2026-53002

The CVE-2026-53002 entry documents a vulnerability in the Linux kernel’s netfilter/conntrack code. Root cause: use of sprintf with inadequate buffer handling in mangle_content_len(), leading to a potential stack-out-of-bounds write (KASAN). The fix replaces sprintf with scnprintf and increases th...

9.8CVSS5.9AI score0.00359EPSS
Exploits0References11Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/14 12:0 a.m.14 views

PT-2026-49113

Name of the Vulnerable Software and Affected Versions VS Revo RevoUninstaller versions 2.5.x through 2.6.x Description A heap-based buffer overflow exists in the IOCtl Handler function within the RevoDetector.sys library of the IOCTL Handler component. This issue requires local access to be...

8.5CVSS7.6AI score0.00142EPSS
Exploits0References13
OSV
OSV
added 2026/06/05 12:4 p.m.11 views

RLSA-2026:22528 Moderate: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

5.3CVSS5.5AI score0.04409EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2026/06/05 12:3 p.m.17 views

mod_http2 security update

An update is available for modhttp2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of...

7.5CVSS6.8AI score0.04409EPSS
Exploits1
OSV
OSV
added 2026/06/05 12:3 p.m.11 views

RLSA-2026:22551 Moderate: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

5.3CVSS6.8AI score0.04409EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.24 views

AlmaLinux 10 : mod_http2 (ALSA-2026:22528)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:22528 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 Tenable has extracted the preceding description block directly from the AlmaLinux securit...

7.5CVSS6.9AI score0.04409EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.18 views

Oracle Linux 8 : httpd:2.4 (ELSA-2026-22140)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-22140 advisory. - Resolves: RHEL-166277 - httpd:2.4/httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 modmd Tenable has extracted the preceding...

9.8CVSS5.9AI score0.04409EPSS
Exploits1References7
NVD
NVD
added 2026/05/27 2:17 p.m.17 views

CVE-2026-45952

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...

5.5CVSS0.00126EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/24 12:0 a.m.19 views

PT-2026-42954

Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.31 Description A stack-based buffer overflow occurs in the formLicence function within the '/goform/formLicence' endpoint. This issue is triggered by the manipulation of the submit-url argument and can be initiated...

9CVSS7.5AI score0.00589EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/ast: astdp: Fixed the timeout for enabling the video signal The ASTDP transmitter sometimes takes up to 1 second to enable the video signal, while the timeout is only 200 msec. This results in a kernel error message. The...

5.5CVSS5.9AI score0.00163EPSS
Exploits0References2
OSV
OSV
added 2026/05/07 3:34 a.m.6 views

GHSA-VXVC-CG7J-RWQJ gittuf's policy can be rolled back to prior valid versions

Summary An attacker with push access to gittuf's Reference State Log RSL can roll back the current policy to any previous policy trusted by the current set of root keys. Impact gittuf determines the policy to load by inspecting the RSL. Except for the very first policy which is automatically...

6CVSS5.7AI score0.00198EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2026/05/05 12:0 a.m.22 views

osbuild-composer security update

149-6.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...

7.5CVSS7.1AI score0.01127EPSS
Exploits0
OSV
OSV
added 2026/04/24 2:33 p.m.3 views

CVE-2026-31550 pmdomain: bcm: bcm2835-power: Increase ASB control timeout

In the Linux kernel, the following vulnerability has been resolved: pmdomain: bcm: bcm2835-power: Increase ASB control timeout The bcm2835asbcontrol function uses a tight polling loop to wait for the ASB bridge to acknowledge a request. During intensive workloads, this handshake intermittently...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References11
Oracle linux
Oracle linux
added 2026/04/21 12:0 a.m.18 views

osbuild-composer security update

149-5.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming...

7.5CVSS7.3AI score0.00728EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

Apache Cassandra 安全漏洞

Apache Cassandra is a distributed NoSQL database developed by the Apache Foundation in the United States. There are security vulnerabilities in Apache Cassandra versions 4.0, 4.1, and 5.0. These vulnerabilities allow authenticated users to increase query latency by repeatedly changing passwords,...

6.5CVSS6.6AI score0.00533EPSS
Exploits0References2
Rows per page
Query Builder