Lucene search
K

134 matches found

EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41670

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.runconversation of the file runagent.py of the component HTTP API. This manipulation of the argument todos causes denial of service. The attack can be initiated remotely. The...

5.3CVSS5.6AI score0.00277EPSS
Exploits0References5
Snyk
Snyk
added 3 days ago4 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the RRCInactiveTransitionReport function of the NGAP Message Handler component. An attacker can cause a service disruption by sending specially crafted messages remotely. Remediation Upgrade...

5.3CVSS6AI score0.00522EPSS
Exploits0References2
Snyk
Snyk
added 3 days ago3 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/nas/nassecurity...

5.3CVSS5.9AI score0.00317EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in libxstream-java

XStream is a Java library for serializing objects to XML and back again. Before version 1.4.16, XStream had a vulnerability that could allow a remote attacker to allocate 100% of the CPU resources on the target system, depending on the CPU type or the parallel execution of certain payloads. This...

7.5CVSS7AI score0.77801EPSS
Exploits1References1
Redos
Redos
added 2026/06/11 12:0 a.m.6 views

ROS-20260611-73-0004

The vulnerability of the RDP client FreeRDP is related to the escape of operations beyond the buffer in memory, due to incorrect encoding based on the Base64 standard. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

9.1CVSS5.8AI score0.00599EPSS
Exploits1
Redos
Redos
added 2026/06/09 12:0 a.m.10 views

ROS-20260609-73-0021

The vulnerability of the Canvas2D component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient testing for unusual or exceptional states. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

7.5CVSS5.4AI score0.00702EPSS
Exploits0
Redos
Redos
added 2026/06/05 12:0 a.m.5 views

ROS-20260605-73-0061

Vulnerability of Audio/Video components: Mozilla Firefox, Firefox ESR, and Thunderbird’s email client use web codecs. This vulnerability is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.5AI score0.00687EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/05/12 12:0 a.m.1 views

The vulnerability of the RxRPC module in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the RxRPC module in the Linux operating system’s kernel arises due to improper handling of fragmented packages and mechanisms for copying data into socket buffers. Exploiting this vulnerability allows an attacker to cause service failures...

7.8CVSS7.3AI score0.92766EPSS
Exploits20References17Affected Software8
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017694 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...

4.9CVSS6.7AI score0.01338EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.9 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities; these vulnerabilities stem from the lack of boundary checking in the modem component, which may lead to remote denial-of-service attacks...

6.5CVSS5.8AI score0.00216EPSS
Exploits0References2
Redos
Redos
added 2026/01/22 12:0 a.m.5 views

ROS-20260122-73-0014

A vulnerability in the Digital Credentials component of the Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

8.8CVSS5.5AI score0.00393EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:53 a.m.11 views

CVE-2020-10620

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network access to directly communicate with SoftPAC, including, for example, stopping the service remotely...

9.8CVSS6.9AI score0.01214EPSS
Exploits0References1
NVD
NVD
added 2026/01/02 9:16 p.m.12 views

CVE-2026-21452

MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exists in versions prior to 0.9.11 when deserializing .msgpack files containing EXT32 objects with attacker-controlled payload lengths. While MessagePack-Java parses extension headers lazily, it later...

7.5CVSS0.0055EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.3 views

Oracle Linux 8 : cups (ELSA-2025-22063)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22063 advisory. 1:2.2.6-64 - RHEL-122666 CVE-2025-58364 cups: Null Pointer Dereference in CUPS ippreadio Leading to Remote DoS Tenable has extracted the preceding description...

6.5CVSS7.2AI score0.01063EPSS
Exploits1References2
NVD
NVD
added 2025/11/14 11:15 p.m.7 views

CVE-2021-4467

Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...

8.7CVSS0.00411EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/14 10:51 p.m.5 views

CVE-2021-4467 Positive Technologies MaxPatrol 8 & XSpider Remote DoS

Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...

8.7CVSS6.8AI score0.00411EPSS
Exploits0References4
Redos
Redos
added 2025/08/18 12:0 a.m.4 views

ROS-20250818-05

Wireshark computer network traffic analyzer vulnerability related to insufficient validation of user data in GQUIC dissector. of user data in the GQUIC dissector. Exploitation of the vulnerability could allow an attacker, acting remotely to cause a denial of service...

6.5CVSS6.6AI score0.01001EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2025/08/07 12:0 a.m.10 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory, allowing an attacker to cause a service failure.

The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

10CVSS7.9AI score0.00302EPSS
Exploits0References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/08/07 12:0 a.m.11 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory, allowing an attacker to cause a service failure.

The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

10CVSS7.9AI score0.00326EPSS
Exploits0References21Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/08/06 12:0 a.m.12 views

The vulnerability of the web page rendering module in WebKit-based operating systems such as iOS, iPadOS, macOS, tvOS, visionOS, watchOS, and the Safari browser allows a perpetrator to trigger a service failure.

The vulnerability of the web page rendering module in WebKit operating systems for iOS, iPadOS, macOS, tvOS, visionOS, watchOS, and the Safari browser arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability can allow a malicious actor to cause service...

10CVSS7.5AI score0.01162EPSS
Exploits0References14Affected Software10
Rows per page
Query Builder