CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

71 matches found

DEBIAN-CVE-2026-10725

Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per indexe...

7.5CVSS5.7AI score0.00053EPSS

Exploits0References1

OSV•added 6 days ago•4 views

DEBIAN-CVE-2026-50260

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS5.4AI score0.00012EPSS

Exploits0References1

OSV•added 2026/05/27 3:16 p.m.•5 views

DEBIAN-CVE-2026-45022

go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alpha.3, go-git may parse malformed Git objects in a way that differs from upstream Git. When commit or tag objects contain ambiguous or malformed headers, go-git’s decoded representation may expose...

7.5CVSS5.8AI score0.00006EPSS

Exploits0References1

OSV•added 2026/04/15 8:29 p.m.•3 views

JLSEC-2026-118

GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007...

6.1CVSS5.8AI score0.00154EPSS

Exploits0References4

OSV•added 2026/02/14 5:15 p.m.•2 views

DEBIAN-CVE-2026-23201

In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...

5.5CVSS5.2AI score0.00017EPSS

Exploits0References1

OSV•added 2026/02/04 8:42 a.m.•0 views

BELL-CVE-2025-71189

Bulletin has no description...

5.5CVSS4.9AI score0.00009EPSS

Exploits0References1

Debian CVE•added 2025/12/24 10:55 a.m.•3 views

CVE-2023-53867

In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...

5.9AI score0.00032EPSS

Exploits0

OSV•added 2025/12/06 6:6 a.m.•1 views

BELL-CVE-2025-40221

Bulletin has no description...

6.9AI score0.00024EPSS

Exploits0References1