CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

CNNVD•added 2026/06/10 12:0 a.m.•9 views

Kanidm 安全漏洞

Kanidm is a simple and secure identity management platform developed by Kanidm itself. Versions of Kanidm prior to 1.9.3 contained security vulnerabilities. These vulnerabilities were caused by the recursive descent PEG parser in SCIM endpoints, which led to a stack overflow when processing neste...

8.7CVSS5.5AI score0.00317EPSS

Exploits0References1

OSV•added 2026/05/05 11:8 p.m.•8 views

CLSA-2026-1778022490 dovecot: Fix of CVE-2026-27857

CVE-2026-27857: limit number of open IMAP parser lists in imap-login to prevent excessive memory usage DoS via deeply-nested parentheses...

7.5CVSS5.8AI score0.0039EPSS

Exploits1References1

OSV•added 2026/05/05 10:31 a.m.•5 views

CLSA-2026-1777977059 dovecot: Fix of CVE-2026-27857

CVE-2026-27857: limit the number of open IMAP parser lists in imap-login to prevent excessive memory usage from deeply nested parentheses e.g. NOOP...

7.5CVSS5.8AI score0.0039EPSS

Exploits1References1

OSV•added 2026/05/05 10:25 a.m.•5 views

CLSA-2026-1777976700 dovecot: Fix of CVE-2026-27857

CVE-2026-27857: limit the number of open IMAP parser lists in imap-login to prevent excessive memory usage from deeply nested parentheses e.g. NOOP...

7.5CVSS5.8AI score0.0039EPSS

Exploits1References1

Packet Storm•added 2026/04/22 12:0 a.m.•68 views

📄 Dovecot IMAP NOOP Command Memory Exhaustion Denial of Service

This Metasploit auxiliary module targets a memory exhaustion vulnerability in the Dovecot IMAP service. It opens multiple concurrent TCP connections and sends specially crafted NOOP commands containing deeply nested parentheses to force excessive memory allocation on the server. By sustaining the...

7.5CVSS5.8AI score0.0039EPSS

Exploits1

Github Security Blog•added 2026/03/05 6:20 p.m.•7 views

xgrammar vulnerable to DoS via multi-layer nesting

Summary The multi-level nested syntax caused a segmentation fault core dump. Details A trigger stack overflow or memory exhaustion was caused by constructing a malicious grammar rule containing 30,000 layers of nested parentheses. PoC !/usr/bin/env python3 """ XGrammar - Math Expression Generatio...

8.7CVSS5.9AI score0.00421EPSS

Exploits1References4Affected Software1

SUSE CVE•added 2023/02/15 6:3 a.m.•2 views

SUSE CVE-2009-1885

Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service application crash via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrat...

4.3CVSS6.8AI score0.05324EPSS

Exploits1References4

SUSE CVE•added 2023/02/15 5:4 a.m.•2 views

SUSE CVE-2016-3191

The compilebranch function in pcrecompile.c in PCRE 8.x before 8.39 and pcre2compile.c in PCRE2 before 10.22 mishandles patterns containing an ACCEPT substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based...

3.7CVSS7.8AI score0.0843EPSS

Exploits1References23

RedHat Linux•added 2023/01/12 9:24 a.m.•62 views

Moderate: Red Hat Security Advisory: dbus security update

An update for dbus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

6.5CVSS6.5AI score0.0131EPSS

Exploits3References4

RedHat Linux•added 2016/05/26 8:35 a.m.•7 views

pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)

9.8CVSS7.7AI score0.0843EPSS

Exploits1References4

RedHat Linux•added 2016/05/11 1:7 p.m.•2 views

pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)

9.8CVSS7.7AI score0.0843EPSS

Exploits1References4

CNVD•added 2016/03/19 12:0 a.m.•2 views

PCRE and PCRE2 'compile_branch' function denial of service vulnerability

PCRE is an open source regular expression library written in C. PCRE2 is an API for modifying PCRE. The 'compilebranch' function of PCRE and PCRE2 failed to properly handle regular expressions containing 'ACCEPT' substrings and nested parentheses. A remote attacker submitting a specially crafted...

9.8CVSS9.6AI score0.0843EPSS

Exploits1References1

OSV•added 2016/03/17 11:59 p.m.•3 views

ALPINE-CVE-2016-3191

9.8CVSS7.8AI score0.0843EPSS

Exploits1References1

OSV•added 2016/03/17 11:59 p.m.•3 views

DEBIAN-CVE-2016-3191

9.8CVSS9.2AI score0.0843EPSS

Exploits1References1

OSV•added 2016/03/17 12:0 a.m.•1 views

UBUNTU-CVE-2016-3191

9.8CVSS7.5AI score0.0843EPSS

Exploits1References3

OpenVAS•added 2009/12/10 12:0 a.m.•18 views

Mandriva Security Advisory MDVSA-2009:223-1 (xerces-c)

The remote host is missing an update to xerces-c announced via advisory MDVSA-2009:223-1. OpenVAS Vulnerability Test $Id: mdksa20092231.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:223-1 xerces-c Authors: Thomas Reinke Copyright: Copyright c 2009...

4.3CVSS9.4AI score0.05324EPSS

Exploits1

UbuntuCve•added 2009/08/11 6:30 p.m.•30 views

CVE-2009-1885

4.3CVSS7.2AI score0.05324EPSS

Exploits1References1

Snyk•added 2009/08/11 6:30 p.m.•3 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds. Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service application crash via vectors involving nested...

4.3CVSS6.8AI score0.05324EPSS

Exploits1References2

OSV•added 2009/08/11 6:30 p.m.•3 views

DEBIAN-CVE-2009-1885

4.3CVSS6.8AI score0.05324EPSS

Exploits1References1