Lucene search
K

23 matches found

NVD
NVD
added 2026/06/25 1:16 p.m.12 views

CVE-2026-40011

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS0.00158EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 12:22 p.m.33 views

CVE-2026-40011 Prometheus denial of service via crafted DNS queries

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:22 p.m.5 views

EUVD-2026-39346

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/25 12:22 p.m.5 views

CVE-2026-40011

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/25 12:22 p.m.7 views

CVE-2026-40011

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0
OSV
OSV
added 2026/06/25 12:22 p.m.1 views

CVE-2026-40011 Prometheus denial of service via crafted DNS queries

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS6AI score0.00158EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.9 views

CVE-2025-47405

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS5.5AI score0.00075EPSS
Exploits0References1
NVD
NVD
added 2026/05/04 5:16 p.m.14 views

CVE-2025-47408

Memory corruption when another driver calls an IOCTL with invalid input/output buffer...

7.8CVSS0.00075EPSS
Exploits0References1
NVD
NVD
added 2026/05/04 5:16 p.m.13 views

CVE-2025-47405

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS0.00075EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 4:43 p.m.3 views

CVE-2025-47408

Memory corruption when another driver calls an IOCTL with invalid input/output buffer...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/04 4:43 p.m.7 views

EUVD-2025-209633

Memory corruption when another driver calls an IOCTL with invalid input/output buffer...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/04 4:43 p.m.7 views

CVE-2025-47405 Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 4:43 p.m.31 views

CVE-2025-47405 Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS0.00075EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.12 views

PT-2026-36841

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.12 views

PT-2026-36844

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when another driver calls an IOCTL Input/Output Control, which is a device driver communication mechanism, using an invalid input or...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/13 4:9 p.m.10 views

CVE-2026-34480

A flaw was found in Apache Log4j Core. The XmlLayout component, responsible for formatting log messages into XML, does not properly remove or replace characters that are not allowed in XML 1.0. When log messages or diagnostic information contain these forbidden characters, the resulting XML outpu...

7.5CVSS5.7AI score0.0086EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/10 6:31 p.m.6 views

EUVD-2026-21490

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/04/10 3:42 p.m.4 views

CVE-2026-34480

Apache Log4j Core's XmlLayout https://logging.apache.org/log4j/2.x/manual/layouts.htmlXmlLayout , in versions up to and including 2.25.3, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets producing invalid XML output whenever a log message or M...

7.5CVSS5.2AI score0.0086EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-28114

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00615EPSS
Exploits0References1
Veracode
Veracode
added 2022/10/11 6:38 a.m.12 views

Insecure Signature Verification

blst is vulnerable to insecure signature verification. The vulnerability exists due to bindingstrim.pl, which can produce incorrect outputs for some inputs. This flaw can result in an invalid signature...

1.9AI score
Exploits0
Rows per page
Query Builder