Lucene search
K

426 matches found

EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40436

Capgo before 12.128.2 contains an information disclosure vulnerability in the /private/validatepasswordcompliance endpoint that returns different error responses for malformed, non-existent, and existing organization IDs. Unauthenticated attackers can enumerate valid organization UUIDs by observi...

6.9CVSS5.8AI score0.00261EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/30 1:3 p.m.7 views

EUVD-2026-40320

Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server of type LB, CS, VPN or the service configured on NetScaler...

8.7CVSS5.8AI score0.0044EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/30 12:13 a.m.6 views

undertow: Undertow MadeYouReset HTTP/2 DDoS Vulnerability

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

7.5CVSS5.7AI score0.0217EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-53868

Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description A denial of service issue exists when HTTP/2 is enabled in the HTTP Profile and associated with a virtual server of type LB, CS, or VPN...

8.7CVSS6.2AI score0.0044EPSS
Exploits0References13
NVD
NVD
added 2026/06/25 4:16 p.m.9 views

CVE-2026-9716

CWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service condition, rendering the device’s HMI and configuration functionality unavailable when malformed requests are received over exposed network interfaces...

8.7CVSS0.00263EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:2 p.m.5 views

CVE-2026-9716

CWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service condition, rendering the device’s HMI and configuration functionality unavailable when malformed requests are received over exposed network interfaces...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/25 3:2 p.m.24 views

CVE-2026-9716

CVE-2026-9716 describes a CWE-476 NULL Pointer Dereference that could cause a denial-of-service, rendering a device’s HMI and configuration functionality unavailable when malformed requests hit exposed network interfaces. The root cause is a NULL pointer dereference; impact is high availability l...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.14 views

PT-2026-52400

Name of the Vulnerable Software and Affected Versions EmberZNet versions prior to 9.0.3 Description Malformed Over-the-Air OTA requests can cause the OTA server parser to perform out-of-bounds reads, which occurs when the software reads data outside the intended boundary of a buffer. This allows ...

7.1CVSS5.8AI score0.00231EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/12 9:42 a.m.26 views

EUVD-2026-36408

A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...

6.7CVSS5.2AI score0.00121EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/02 8:29 a.m.10 views

xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

9.1CVSS5.7AI score0.00489EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/27 9:13 p.m.27 views

httpd: mod_proxy_ajp: off-by-one out-of-bounds reads in AJP getter functions

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the AJP getter functions attempt to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause an out-of-bounds read. This issue leads to a denial of...

5.3CVSS5.8AI score0.00393EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/27 8:14 p.m.13 views

CVE-2026-48135

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS5.8AI score0.02607EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 2:16 p.m.21 views

CVE-2026-48135

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS0.02607EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:57 p.m.10 views

CVE-2026-48135

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS5.8AI score0.02607EPSS
Exploits0References2
CVE
CVE
added 2026/05/26 12:57 p.m.51 views

CVE-2026-48135

Technical details about CVE-2026-48135 are not publicly available in the provided documents; no affected products, impact, or remediation are disclosed. Monitor for updates.

5.3CVSS5.8AI score0.02607EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 12:57 p.m.14 views

CVE-2026-48135 HTTP service can incorrectly process malformed HTTP requests

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS5.8AI score0.02607EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 12:57 p.m.14 views

EUVD-2026-31822

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS5.8AI score0.02607EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 12:57 p.m.42 views

CVE-2026-48135 HTTP service can incorrectly process malformed HTTP requests

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS0.02607EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.19 views

PT-2026-43239

Name of the Vulnerable Software and Affected Versions Check Point affected versions not specified Description A Check Point HTTP-based service incorrectly handles malformed HTTP requests due to issues in HTTP request parsing and validation. Recommendations At the moment, there is no information...

5.3CVSS5.8AI score0.02607EPSS
Exploits0References3
CheckPoint Security
CheckPoint Security
added 2026/05/23 12:0 a.m.29 views

CVE-2026-48135 - HTTP service can incorrectly process malformed HTTP requests

Cause An input-handling issue in the HTTP request processing path. Symptoms - A Check Point HTTP-based service, such as Mobile Access Portal or Identity Awareness Portals except for Captive Portal, can incorrectly handle malformed HTTP requests. Gaia Portal is not affected by this issue. - The...

5.3CVSS5.6AI score0.02607EPSS
Exploits0
Rows per page
Query Builder