Lucene search
K

320 matches found

RedhatCVE
RedhatCVE
added 6 days ago6 views

CVE-2026-15163

A flaw was found in Wireshark. A local user could trigger multiple protocol dissector infinite loops by providing specially crafted network traffic for analysis. This could lead to a Denial of Service DoS condition, making the application unresponsive. Mitigation To mitigate this issue, users...

7.5CVSS5.9AI score0.00187EPSS
Exploits0References8
EUVD
EUVD
added last week6 views

EUVD-2026-42411

Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service...

5.5CVSS5.9AI score0.00187EPSS
Exploits0References5
NVD
NVD
added last week10 views

CVE-2026-59879

Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, Listset, ListsetSize, ListsetIn, ListupdateIn, and the functional set, setIn, and updateIn mishandle an index or size in the range 2 30 to 2 31 in setListBounds in src/List.js, causing an empty List to ente...

8.7CVSS0.0037EPSS
Exploits1References5
CVE
CVE
added last week21 views

CVE-2026-59879

Immutable.js List contains a 32-bit trie overflow in List.js setListBounds that, prior to versions 4.3.9 and 5.1.8, can mishandle an index or size in the 2^30–2^31 range, leading to an uncatchable infinite loop for empty Lists, unbounded allocation for populated Lists, or silent wrap of large set...

8.7CVSS6AI score0.0037EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.7 views

PT-2026-56590

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.6 Wireshark versions 4.4.0 through 4.4.16 Description Multiple protocol dissectors contain infinite loops that can be triggered to cause a denial of service. A protocol dissector is a component that analyze...

7.5CVSS6.1AI score0.00187EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/07/02 10:12 a.m.17 views

CVE-2026-44740

A flaw was found in Billy, an interface filesystem abstraction for Go. This vulnerability allows a remote attacker to cause a Denial of Service DoS by providing crafted or malformed input. The issue arises from insufficient validation and missing safety mechanisms when processing untrusted...

7.5CVSS6AI score0.00295EPSS
Exploits0References6
Snyk
Snyk
added 2026/07/01 9:19 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 9:19 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 9:19 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 9:19 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 9:19 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 9:19 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS6AI score0.0009EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 5:41 p.m.2 views

SUSE-SU-2026:22433-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...

9.8CVSS7.4AI score0.93235EPSS
Exploits52References350
OSV
OSV
added 2026/06/20 3:24 p.m.3 views

CVE-2026-56307 Cap-go - Broken Cursor Pagination in /private/devices Endpoint

Cap-go before 12.128.12 contains a broken cursor pagination vulnerability in the /private/devices endpoint on the Cloudflare/workerd path that allows authenticated attackers to cause duplicate-page loops and make later rows unreachable. Attackers with app.readdevices access can exploit...

5.3CVSS6AI score0.00238EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/20 3:24 p.m.10 views

EUVD-2026-38124

Cap-go before 12.128.12 contains a broken cursor pagination vulnerability in the /private/devices endpoint on the Cloudflare/workerd path that allows authenticated attackers to cause duplicate-page loops and make later rows unreachable. Attackers with app.readdevices access can exploit...

5.3CVSS5.9AI score0.00238EPSS
Exploits0References2
CVE
CVE
added 2026/06/20 3:24 p.m.21 views

CVE-2026-56307

Cap-go before 12.128.12 has a broken cursor pagination vulnerability in the /private/devices endpoint of the Cloudflare/workerd path. Authenticated attackers with app.read_devices can exploit non-advancing cursor filters to trigger infinite pagination loops, causing duplicate pages and making lat...

5.3CVSS5.9AI score0.00238EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/20 3:24 p.m.33 views

CVE-2026-56307 Cap-go - Broken Cursor Pagination in /private/devices Endpoint

Cap-go before 12.128.12 contains a broken cursor pagination vulnerability in the /private/devices endpoint on the Cloudflare/workerd path that allows authenticated attackers to cause duplicate-page loops and make later rows unreachable. Attackers with app.readdevices access can exploit...

5.3CVSS0.00238EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 4:32 p.m.5 views

OPENSUSE-SU-2026:21079-1 Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: - CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239342. - CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs bsc1238702. ...

10CVSS6.9AI score0.00868EPSS
Exploits3References30
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.17 views

National Security Agency Ghidra 安全漏洞

National Security Agency Ghidra is a software reverse-engineering framework developed by the National Security Agency NSA. Versions of National Security Agency Ghidra prior to version 11.2 contained security vulnerabilities. These vulnerabilities were caused by an undefined static initialization...

4CVSS5.4AI score0.0011EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.20 views

SUSE SLES15 Security Update : wireshark (SUSE-SU-2026:2203-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2203-1 advisory. This update for wireshark fixes the following issues - CVE-2026-5401: AFP dissector crash bsc1263756. - CVE-2026-5403: SBC audio...

7.8CVSS6.8AI score0.00206EPSS
Exploits29References88
Rows per page
Query Builder