Lucene search
K

13479 matches found

NVD
NVD
added yesterday5 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-41880

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-13122

Summary: CVE-2026-13122 affects OpenVPN up to v2.6.20 and v2.7.4 (including 2.7_alpha1–2.7.4). A malformed authentication token, when external-auth is enabled, can trigger a reachable assertion and cause a denial of service. Impact: Denial of service; vulnerability affects remote attacker exploit...

5.9CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added yesterday26 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-13122

OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...

5.9CVSS6AI score
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added yesterday7 views

CVE-2026-14631

A flaw was found in webpack-dev-server. An unauthenticated remote attacker could send a specially crafted HTTP request with a malformed Host header or a WebSocket upgrade with a malformed Origin header. This malformed input causes an uncaught exception, leading to the termination of the Node.js...

5.3CVSS5.9AI score0.00308EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-56361

A flaw was found in ImageMagick. An attacker can exploit an off-by-one error in the morphology validation by providing incorrect morphology parameters. This can lead to out-of-bounds heap buffer reads and heap buffer overflow, potentially causing memory access violations. Mitigation To reduce...

7.1CVSS6AI score0.00128EPSS
Exploits0References5
Snyk
Snyk
added 4 days ago4 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication via a malformed SSH sub-verb in the authentication process. An attacker can gain unauthorized read access to private repositories by crafting specific SSH requests. Remediation Upgrade github.com/go-gitea/gitea/c...

7.7CVSS6AI score0.0031EPSS
Exploits0References2
NVD
NVD
added 4 days ago7 views

CVE-2026-27779

Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting public URLs, allowing spoofed canonical URL generation...

7.5CVSS0.00166EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-58423 LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories

LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories...

7.7CVSS0.0031EPSS
Exploits0References4
CVE
CVE
added 4 days ago21 views

CVE-2026-14631

Vulnerability overview: CVE-2026-14631 affects webpack-dev-server up to version 5.2.5. An unauthenticated peer sending a normal HTTP request with a malformed Host header or a WebSocket upgrade to /ws with a malformed Origin header triggers an uncaught exception in the host-validation path, crashi...

5.3CVSS6AI score0.00308EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 4 days ago39 views

CVE-2026-14631 webpack-dev-server vulnerable to denial of service via a malformed Host or Origin header

webpack-dev-server versions 5.2.5 and earlier terminate the whole Node.js process when an unauthenticated peer sends either a normal HTTP request with a malformed Host header or a WebSocket upgrade to the default /ws endpoint with a malformed Origin header. The malformed value causes an uncaught...

5.3CVSS0.00308EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-55656

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authentication bypass exists when using a malformed SSH sub-verb during LFS Large File Storage operations. This flaw allows unauthorized read access to privat...

7.7CVSS6AI score0.0031EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago25 views

CVE-2026-12413 IKEv2 Denial of Service via malformed fragmentation

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS0.00597EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago10 views

EUVD-2026-41277

In liboauth2 the Demonstrating Proof-of-Possession DPoP verifier accepts a proof whose JSON Web Key jwk header contains private key material. RFC 9449 section 4.3 step 7 requires the verifier to reject such a proof but oauth2tokenverify function returns success for a malformed DPoP proof that...

5.1CVSS5.8AI score0.00128EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-54431

In liboauth2 the Demonstrating Proof-of-Possession DPoP verifier accepts a proof whose JSON Web Key jwk header contains private key material. RFC 9449 section 4.3 step 7 requires the verifier to reject such a proof but oauth2tokenverify function returns success for a malformed DPoP proof that...

5.1CVSS5.8AI score0.00128EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago7 views

EUVD-2022-49111

Open Babel has out-of-bounds write in MOPAC translationVectors FINAL POINT...

9.8CVSS7.2AI score0.00863EPSS
Exploits1References5
EUVD
EUVD
added 6 days ago4 views

EUVD-2022-49107

Open Babel has out-of-bounds write in ORCA nAtoms parser...

9.8CVSS7.2AI score0.00816EPSS
Exploits1References5
EUVD
EUVD
added 6 days ago4 views

EUVD-2022-47394

Open Babel has uninitialized pointer dereference in MSI atom parser...

9.8CVSS7.2AI score0.00816EPSS
Exploits1References5
EUVD
EUVD
added 6 days ago8 views

EUVD-2022-46603

Open Babel has out-of-bounds write in MOL2 attribute/value parser...

8.1CVSS7.1AI score0.00796EPSS
Exploits1References5
Rows per page
Query Builder