Lucene search
K

430 matches found

CVE
CVE
added 2026/05/13 2:12 p.m.52 views

CVE-2026-42946

A vulnerability CVE-2026-42946 affects the NGINX ngx_http_scgi_module and ngx_http_uwsgi_module. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with MITM control over upstream responses may trigger excessive memory allocation or an out-of-bounds read in the NGINX worker, ...

8.3CVSS5.8AI score0.00932EPSS
Exploits0References1Affected Software7
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.14 views

PT-2026-40682

Name of the Vulnerable Software and Affected Versions NGINX affected versions not specified Description An issue in the ngx http scgi module and ngx http uwsgi module modules can lead to excessive memory allocation or an over-read of data. When scgi pass or uwsgi pass is configured, an...

8.3CVSS6AI score0.00932EPSS
Exploits0References65
Redos
Redos
added 2026/05/12 12:0 a.m.12 views

ROS-20260512-73-0010

Vulnerability in beats related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

6.5CVSS5.9AI score0.002EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.8 views

SUSE SLES15 Security Update : nginx (SUSE-SU-2026:1761-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1761-1 advisory. - CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack bsc1257675. -...

8.8CVSS6.2AI score0.21621EPSS
Exploits0References13
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28634

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

5.8AI score0.00224EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2026/05/08 8:58 a.m.10 views

Security update for nginx

This update for nginx fixes the following issues: CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack bsc1257675. CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. CVE-2026-27784: NGINX...

8.3CVSS7.6AI score0.21621EPSS
Exploits0References16
UbuntuCve
UbuntuCve
added 2026/05/05 12:0 a.m.9 views

CVE-2026-34032

Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

5.3CVSS5.8AI score0.00485EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.7 views

JLSEC-2026-300

HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VMmemcpyvv in H5VM.c called from H5Dcompactreadvv in H5Dcompact.c...

8.8CVSS8.5AI score0.00944EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/29 12:40 p.m.12 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.5AI score0.00629EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/29 9:0 a.m.9 views

CVE-2026-41677

A flaw was found in rust-openssl, a library that provides OpenSSL functionalities for Rust applications. The library's password callback functions did not correctly check the size of data provided by a user's callback. This oversight could allow a specially crafted password callback to read beyon...

9.1CVSS4.8AI score0.00294EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/04/27 12:0 a.m.4 views

The vulnerability of the shared_cpu_map function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the sharedcpumap function in the Linux operating system relates to reading memory beyond the allocated buffer. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.1CVSS5.8AI score0.00138EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/04/20 12:0 a.m.3 views

The vulnerability of the jv_parse_sized() function in the programming language jq, which allows a hacker to trigger a denial-of-service attack.

The vulnerability of the jvparsesized function in the programming language jq is related to reading data beyond the allowable range of memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

9.4CVSS5.8AI score0.00559EPSS
Exploits1References4Affected Software1
GithubExploit
GithubExploit
added 2026/04/19 6:22 a.m.125 views

Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller

CVE-2026-3055 - Security Vulnerability Severity: N/A CV...

9.8CVSS5.8AI score0.83996EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.7 views

nginx 1.1.19 < 1.28.3 / 1.29.x < 1.29.7 Multiple Vulnerabilities in ngx_http_mp4_module

The installed version of nginx is 1.1.19 prior to 1.28.3, or 1.29.x prior to 1.29.7. It is, therefore, affected by multiple vulnerabilities : - The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-wri...

8.5CVSS7.8AI score0.01031EPSS
Exploits0References5
Redos
Redos
added 2026/04/14 12:0 a.m.8 views

ROS-20260414-73-0058

A vulnerability in the ieee80211rxhaction function in the net/mac80211/rx.c module of the mac80211 stack implementation of the Linux operating system kernel is related to memory reads outside of the allocated buffer. Exploitation of the vulnerability may allow an intruder to affect confidentialit...

7.8CVSS7.2AI score0.00144EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006761)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006761 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to...

7.1CVSS5.9AI score0.00164EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/04/01 7:53 p.m.134 views

Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller

CVE-2026-3055 NetScaler SAML IdP check Python helper to probe...

9.8CVSS7.2AI score0.83996EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/03/31 4:23 p.m.128 views

Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller

🔍 CVE-2026-3055 Scanner - NetScaler Memory Overread Detection...

9.8CVSS5.8AI score0.83996EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/03/31 4:7 p.m.147 views

Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller

🔓 CVE-2026-3055 - Citrix NetScaler Memory Overread Exploit !...

9.8CVSS7.3AI score0.83996EPSS
Exploits7
Nuclei
Nuclei
added 2026/03/30 4:19 p.m.31 views

Citrix NetScaler SAML IDP - Memory Overread

NetScaler ADC and NetScaler Gateway contain an insufficient input validation vulnerability when configured as a SAML IDP, leading to memory overread, letting attackers potentially access sensitive memory, exploit requires configuration as SAML IDP id: CVE-2026-3055 info: name: Citrix NetScaler SA...

9.8CVSS7.4AI score0.83996EPSS
Exploits7References3
Rows per page
Query Builder