CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

357 matches found

DEBIAN-CVE-2026-11788

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

5.9CVSS5.5AI score0.00088EPSS

Exploits0References1

NVD•added 2 days ago•4 views

CVE-2026-11788

5.9CVSS0.00088EPSS

Exploits0References3

Cvelist•added 2 days ago•25 views

CVE-2026-11788 389-ds-base: 389-ds-base: null pointer dereference in deref control plugin ber parser

5.9CVSS0.00088EPSS

Exploits0References3

EUVD•added 2 days ago•5 views

EUVD-2026-35420

5.9CVSS5.5AI score0.00088EPSS

Exploits0References3

Debian CVE•added 2 days ago•4 views

CVE-2026-11788

5.9CVSS5.5AI score0.00088EPSS

Exploits0

CVE•added 2 days ago•10 views

CVE-2026-11788

CVE-2026-11788 affects 389-ds-base (389 Directory Server) via the deref control plugin: it dereferences a BER structure without verifying allocation failure, enabling an unauthenticated remote attacker to crash the LDAP server under memory pressure. The issue is rooted in a null pointer dereferen...

5.9CVSS5.5AI score0.00088EPSS

Exploits0References3

Tenable Nessus•added 2 days ago•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-11788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an...

5.9CVSS5.5AI score0.00088EPSS

Exploits0References2

Positive Technologies•added 2 days ago•5 views

PT-2026-47778

5.9CVSS5.5AI score0.00088EPSS

Exploits0References4

RedhatCVE•added 6 days ago•6 views

CVE-2026-41484

OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collector results in an unsuccessful HTTP 4xx or 5xx response, the HttpJsonPostTransport class reads the...

5.9CVSS5.5AI score0.00017EPSS

Exploits0References1

RedhatCVE•added 6 days ago•4 views

CVE-2026-41483

OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15.0-beta.1 and earlier, the AzureVmMetaDataRequestor class makes HTTP requests to the Azure VM instance metadata service and reads the response body into memory without any size limit. An attacker w...

5.9CVSS5.5AI score0.00017EPSS

Exploits0References1

RedhatCVE•added 6 days ago•6 views

CVE-2026-41078

OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 and earlier, OpenTelemetry.Exporter.Jaeger may allow sustained memory pressure when the internal pooled-list sizing grows based on a large observed span/tag set and that enlarged size is reused for subsequent allocations. Under...

5.9CVSS5.5AI score0.0006EPSS

Exploits0References1

RedhatCVE•added 6 days ago•6 views

CVE-2026-41173

The AWS X-Ray Remote Sampler package provides a sampler which can get sampling configurations from AWS X-Ray. Prior to 0.1.0-alpha.8, OpenTelemetry.Sampler.AWS reads unbounded HTTP response bodies from a configured AWS X-Ray remote sampling endpoint into memory. AWSXRaySamplerClient.DoRequestAsyn...

5.9CVSS5.6AI score0.00018EPSS

Exploits0References1

SUSE CVE•added 2026/05/29 1:15 a.m.•9 views

SUSE CVE-2026-46196

In the Linux kernel, the following vulnerability has been resolved: tracepoint: balance regfunc on funcadd failure in tracepointaddfunc When a tracepoint goes through the 0 - 1 transition, tracepointaddfunc invokes the subsystem's ext-regfunc before attempting to install the new probe via funcadd...

5.8AI score0.00024EPSS

Exploits0References3

OSV•added 2026/05/28 10:16 a.m.•3 views

UBUNTU-CVE-2026-46196

5.5CVSS5.7AI score0.00024EPSS

Exploits0References8

ATTACKERKB•added 2026/05/28 9:36 a.m.•6 views

CVE-2026-46196

5.7AI score0.00024EPSS

Exploits0References6Affected Software1

Cvelist•added 2026/05/28 9:36 a.m.•27 views

CVE-2026-46196 tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func()

0.00024EPSS

Exploits0References5

Positive Technologies•added 2026/05/28 12:0 a.m.•8 views

PT-2026-44319

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the tracepoint add func function where the subsystem's ext-regfunc is invoked before attempting to install a new probe via func add. If func add fails, such ...

9.8CVSS5.9AI score0.00254EPSS

Exploits12References281

RedhatCVE•added 2026/05/27 6:40 p.m.•12 views

CVE-2026-46066

A flaw was found in the Linux kernel's Ceph filesystem. When writing to encrypted CephFS files, a failure to allocate a bounce buffer for a dirty folio can lead to an off-by-one error in the numops counter. This inconsistency can cause a kernel panic, resulting in a Denial of Service DoS for the...

5.5CVSS5.9AI score0.00022EPSS

Exploits0References4

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: The crash occurred when performing a pressure test on mptcp. The following error occurred: dstrelease: dst: ffffa06ce6e5c058 refcnt: -1 The kernel attempted to execute a NX-protected page – an attempt to exploit a...

5.5CVSS5.7AI score0.00133EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: Proper handling of extreme memory pressure situations Testing with iperf3 using the “pasta” protocol splicer revealed a problem with how TCP handles window advertisement in extreme memory pressure situations. Under memory...

5.5CVSS5.9AI score0.00014EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by