Lucene search
K

124 matches found

Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.18 views

PT-2026-23820

Name of the Vulnerable Software and Affected Versions Easy PHP Settings plugin for WordPress versions up to and including 1.0.4 Description The Easy PHP Settings plugin for WordPress is susceptible to PHP Code Injection due to inadequate input validation on the wp memory limit and wp max memory...

7.2CVSS6AI score0.00374EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2026/02/16 12:0 a.m.5 views

Ubuntu: Security Advisory (USN-8037-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.04604EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2026/02/12 3:41 p.m.10 views

USN-8037-1: DNSdist vulnerabilities

It was discovered that HTTP/2, which is used/vendored by DNSdist, did not properly account for resources when handling client-triggered stream resets. An attacker could possibly use this issue to cause a denial of service. CVE-2025-8671 It was discovered that DNSdist did not properly manage memor...

7.5CVSS5.7AI score0.04604EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : golang-1.18.9-1.el9, go-toolset-1.18.9-1.el9 (AXSA:2023-4904:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4904:01 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...

7.5CVSS7.7AI score0.01544EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004407)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004407 advisory. A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver,...

5.5CVSS6.2AI score0.00538EPSS
Exploits0References24
RedhatCVE
RedhatCVE
added 2025/12/10 3:26 a.m.9 views

CVE-2025-66627

Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi's linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory...

8.4CVSS7AI score0.00126EPSS
Exploits0References1
OSV
OSV
added 2025/12/04 4:16 p.m.5 views

UBUNTU-CVE-2025-40245

In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...

5.7AI score0.00179EPSS
Exploits0References38
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990307)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990307 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with...

4.4CVSS6.2AI score0.00244EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/10/28 7:19 a.m.4 views

Security update 5.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-prometheus-alertmanager: Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on escaping in UTF-8 matchers. Update alertmanagerconfighash metric help to document th...

7.6CVSS7.1AI score0.37565EPSS
Exploits0References62
OSV
OSV
added 2025/10/17 5:8 p.m.5 views

GHSA-G46H-2RQ9-GW5M OpenBao has potential Denial of Service vulnerability when processing malicious unauthenticated JSON requests

Summary JSON objects after decoding might use more memory than their serialized version. It is possible to tune a JSON to maximize the factor between serialized memory usage and deserialized memory usage similar to a zip bomb. While reproducing the issue, we could reach a factor of about 35. This...

7.5CVSS6.8AI score0.00697EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2025/10/17 5:8 p.m.11 views

OpenBao has potential Denial of Service vulnerability when processing malicious unauthenticated JSON requests

Summary JSON objects after decoding might use more memory than their serialized version. It is possible to tune a JSON to maximize the factor between serialized memory usage and deserialized memory usage similar to a zip bomb. While reproducing the issue, we could reach a factor of about 35. This...

7.5CVSS6.8AI score0.00655EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2004-0490

Malware in sbrugna...

2.1CVSS6.3AI score0.0036EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-1999-1499

Malware in sbrugna...

5CVSS6.4AI score0.03073EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2006-7033

Malware in sbrugna...

4.9CVSS6.4AI score0.00884EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-0072

Malware in sbrugna...

5.3CVSS6.4AI score0.01807EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-0098

Malicious code in bioql PyPI...

7.5CVSS6.8AI score0.00728EPSS
Exploits0References5
Snyk
Snyk
added 2025/09/15 12:0 a.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the parser process. An attacker can cause excessive memory consumption by submitting a specially crafted XML document, resulting in service disruption due to resource exhaustion...

8.7CVSS6.7AI score0.01279EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/10 4:9 p.m.5 views

CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion

Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...

7.1CVSS6.2AI score0.00319EPSS
Exploits0References5
OSV
OSV
added 2025/09/10 4:9 p.m.12 views

CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion

Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...

7.1CVSS6.6AI score0.00319EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 7:5 a.m.9 views

CVE-2024-52791

Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. MMR makes requests to other servers as part of normal operation, and these resource owners can return large amounts of JSON back to MMR for parsing. In parsing, MMR can consume large amounts of memory and...

7.5CVSS6.6AI score0.00728EPSS
Exploits0References1
Rows per page
Query Builder