Lucene search
K

52 matches found

ATTACKERKB
ATTACKERKB
added last week8 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS6AI score0.00487EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added last week4 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS6AI score0.00487EPSS
Exploits0References1
Cvelist
Cvelist
added last week36 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS0.00487EPSS
Exploits0References1
EUVD
EUVD
added last week4 views

EUVD-2026-41880

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS6AI score0.00487EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in golang-golang-x-oauth2

An attacker can pass a maliciously malformed token, causing unexpected memory consumption during parsing...

7.5CVSS6.4AI score0.00804EPSS
Exploits0References2
OSV
OSV
added 2026/04/30 1:1 a.m.11 views

CLEANSTART-2026-HV96032 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the kor package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS6.3AI score0.00804EPSS
Exploits0References4
OSV
OSV
added 2026/04/30 1:1 a.m.8 views

CLEANSTART-2026-OL12277 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the kor package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS7.3AI score0.00804EPSS
Exploits0References4
OSV
OSV
added 2026/04/30 1:0 a.m.8 views

CLEANSTART-2026-MD91760 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the kor package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS6.3AI score0.00804EPSS
Exploits0References4
OSV
OSV
added 2026/04/10 1:4 a.m.8 views

CLEANSTART-2026-OC72960 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the gpu-operator-fips package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS6.7AI score0.00804EPSS
Exploits0References5
OSV
OSV
added 2026/04/10 1:3 a.m.7 views

CLEANSTART-2026-KL76732 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the gpu-operator package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS6.7AI score0.00804EPSS
Exploits0References5
OSV
OSV
added 2026/04/10 12:51 a.m.19 views

CLEANSTART-2026-BM53321 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the kube-state-metrics package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS6.8AI score0.01945EPSS
Exploits7References61
OSV
OSV
added 2026/04/10 12:51 a.m.8 views

CLEANSTART-2026-AR20742 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the prometheus-mysqld-exporter package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS5.8AI score0.00804EPSS
Exploits1References11
OSV
OSV
added 2026/04/10 12:50 a.m.15 views

CLEANSTART-2026-RI97043 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the prometheus-mysqld-exporter package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS6.9AI score0.00804EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.5 views

CVE-2026-32269

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.13 and 8.6.39, the OAuth2 authentication adapter does not correctly validate app IDs when appidField and appIds are configured. During app ID validation, a malformed value ...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2026/03/16 9:53 a.m.3 views

BIT-PARSE-2026-32269 Parse Server OAuth2 adapter app ID validation sends wrong token to introspection endpoint

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0 and 8.6.39, the OAuth2 authentication adapter does not correctly validate app IDs when appidField and appIds are configured. During app ID validation, a malformed value is sent t...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/12 7:43 p.m.28 views

CVE-2026-32269 Parse Server OAuth2 adapter app ID validation sends wrong token to introspection endpoint

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.13 and 8.6.39, the OAuth2 authentication adapter does not correctly validate app IDs when appidField and appIds are configured. During app ID validation, a malformed value ...

6.3CVSS0.00276EPSS
Exploits0References3
OSV
OSV
added 2026/03/12 7:43 p.m.5 views

CVE-2026-32269 Parse Server OAuth2 adapter app ID validation sends wrong token to introspection endpoint

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.13 and 8.6.39, the OAuth2 authentication adapter does not correctly validate app IDs when appidField and appIds are configured. During app ID validation, a malformed value ...

6.3CVSS5.8AI score0.00276EPSS
Exploits0References5
OSV
OSV
added 2026/01/30 4:57 p.m.5 views

CLEANSTART-2026-DN29911 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Security vulnerability affects the clickhouse-operator package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

9.8CVSS5.6AI score0.00804EPSS
Exploits0References3
OSV
OSV
added 2026/01/30 4:56 p.m.7 views

CLEANSTART-2026-ZR62045 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the clickhouse-operator package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS8.5AI score0.00804EPSS
Exploits0References7
OSV
OSV
added 2026/01/30 4:56 p.m.4 views

CLEANSTART-2026-JM16286 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing

Multiple security vulnerabilities affect the clickhouse-operator package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details...

9.8CVSS7.3AI score0.00804EPSS
Exploits0References7
Rows per page
Query Builder