Lucene search
K

521 matches found

Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.5 views

PT-2026-32346

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The bridge MRP component fails to validate user-supplied interval values from netlink in the br mrp start test, br mrp start in test, and br mrp start in test parse functions. When an...

7.8CVSS5.1AI score0.00129EPSS
Exploits0References483
UbuntuCve
UbuntuCve
added 2026/04/13 12:0 a.m.3 views

CVE-2026-31420

In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic brmrpstarttest and brmrpstartintest accept the user-supplied interval value from netlink without validation. When interval is 0, usecstojiffies0 yields 0, causing the...

5.5CVSS6AI score0.00091EPSS
Exploits0References2
NVD
NVD
added 2026/04/12 4:16 a.m.2 views

CVE-2026-6112

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

10CVSS0.01766EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/12 2:45 a.m.2 views

CVE-2026-6112

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

10CVSS7AI score0.01766EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/10 5:17 p.m.4 views

CVE-2026-35599

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the addRepeatIntervalToTime function uses an On loop that advances a date by the task's RepeatAfter duration until it exceeds the current time. By creating a repeating task with a 1-second interval and a due date far ...

6.5CVSS0.00347EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/10 3:34 p.m.6 views

Vikunja has Algorithmic Complexity DoS in Repeating Task Handler

Summary The addRepeatIntervalToTime function uses an On loop that advances a date by the task's RepeatAfter duration until it exceeds the current time. By creating a repeating task with a 1-second interval and a due date far in the past, an attacker triggers billions of loop iterations, consuming...

6.5CVSS5.8AI score0.00347EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.3 views

PT-2026-31950

Name of the Vulnerable Software and Affected Versions: Vikunja versions prior to 2.3.0 Description: Vikunja, a self-hosted task management platform, contains an issue where the addRepeatIntervalToTime function uses an inefficient loop. An attacker can create a repeating task with a 1-second...

6.5CVSS5.9AI score0.00347EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2026/04/06 11:24 p.m.5 views

SUSE CVE-2026-33029

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enter...

6.9CVSS5.7AI score0.00948EPSS
Exploits1References3
OSV
OSV
added 2026/04/02 6:42 p.m.6 views

GO-2026-4902 nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI

nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI...

6.9CVSS5.9AI score0.00948EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29945

nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI...

6.9CVSS5.9AI score0.00948EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/31 10:58 p.m.2 views

CVE-2026-33029

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enter...

6.9CVSS5.8AI score0.00948EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.3 views

Fedora 44 : cpp-httplib (2026-03599f0b32)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-03599f0b32 advisory. Update to 0.38.0 rhbz2447261 - Filename sanitization for path traversal prevention Added sanitizefilename to prevent path traversal attacks via malicious...

8.7CVSS5.9AI score0.00179EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/30 5:59 p.m.22 views

CVE-2026-33029 Nginx UI: DoS via Negative Integer Input in Logrotate Interval

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enter...

6.9CVSS0.00948EPSS
Exploits1References2
OSV
OSV
added 2026/03/30 5:59 p.m.5 views

CVE-2026-33029 Nginx UI: DoS via Negative Integer Input in Logrotate Interval

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enter...

6.9CVSS5.8AI score0.00948EPSS
Exploits1References4
CVE
CVE
added 2026/03/30 5:59 p.m.18 views

CVE-2026-33029

CVE-2026-33029 affects Nginx UI (web UI for Nginx). An input validation flaw in the logrotate configuration allows an authenticated user to submit a negative integer for the rotation interval, causing the backend to enter an infinite loop or invalid state and rendering the UI unresponsive (DoS). ...

6.9CVSS5.8AI score0.00948EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/30 5:59 p.m.2 views

CVE-2026-33029 Nginx UI: DoS via Negative Integer Input in Logrotate Interval

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enter...

6.9CVSS5.8AI score0.00948EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/30 5:59 p.m.2 views

CVE-2026-33029

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enter...

6.9CVSS5.8AI score0.00948EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/30 4:38 p.m.10 views

nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval

Summary An input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enters an infinite loop or an invalid state, rendering the web interface...

6.9CVSS6AI score0.00948EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2026/03/30 4:38 p.m.4 views

Unchecked Input for Loop Condition

Overview Affected versions of this package are vulnerable to Unchecked Input for Loop Condition due to improper input validation in the POST /api/settings handler for the logrotate.interval field. An attacker can make the web interface unresponsive by submitting a negative interval value, causing...

6.9CVSS5.9AI score0.00948EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/30 4:38 p.m.3 views

Unchecked Input for Loop Condition

Overview github.com/0xJacky/Nginx-UI/settings is a yet another Nginx Web UI Affected versions of this package are vulnerable to Unchecked Input for Loop Condition due to improper input validation in the POST /api/settings handler for the logrotate.interval field. An attacker can make the web...

6.9CVSS5.9AI score0.00948EPSS
Exploits1References2
Rows per page
Query Builder