Lucene search
K

481 matches found

RedHat Linux
RedHat Linux
added 3 days ago5 views

github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint

A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint /api/v1/read by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service DoS...

7.5CVSS5.8AI score0.00761EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 3 days ago5 views

github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint

A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint /api/v1/read by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service DoS...

7.5CVSS5.8AI score0.00761EPSS
Exploits0References9
Debian CVE
Debian CVE
added 4 days ago5 views

CVE-2026-14122

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS6AI score0.00239EPSS
Exploits0
CVE
CVE
added 4 days ago11 views

CVE-2026-14122

The CVE-2026-14122 entry describes an issue in Google Chrome on Windows affecting the WebAppInstalls component of Chromium. The root cause is insufficient validation of untrusted input, allowing a remote attacker to perform arbitrary read/write via a crafted HTML page. The vulnerability impacts C...

8.1CVSS6AI score0.00239EPSS
Exploits0References2Affected Software1
OSV
OSV
added 5 days ago5 views

PYSEC-2026-512 Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend component

The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore...

10CVSS7.5AI score0.02592EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 6:43 p.m.2 views

GO-2026-5264 Prometheus: Remote read endpoint allows denial of service via crafted snappy payload in github.com/prometheus/prometheus

Prometheus: Remote read endpoint allows denial of service via crafted snappy payload in github.com/prometheus/prometheus...

7.5CVSS5.8AI score0.00761EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/25 12:0 a.m.7 views

CVE-2026-37452

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSIAPService.exe component...

5.9AI score0.00398EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Blink in Google Chrome before version 93.0.4577.82 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.00557EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of after-free in the UI of Google Chrome before version 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.5AI score0.0055EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. The supported versions affected by this vulnerability are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. The vulnerability is difficult t...

4.3CVSS6.7AI score0.04238EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.0061EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

In V8 of Google Chrome, out-of-bounds memory access prior to version 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01599EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

The use of WebCodecs with “after free” in Google Chrome before version 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

7.5CVSS7.2AI score0.0214EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

8.1CVSS7.5AI score0.01442EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Media in Google Chrome before version 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.0055EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

8.1CVSS7.5AI score0.15475EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Base Internals in Google Chrome before version 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.0055EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

In Google Chrome, memory access out of bounds in CSS before version 116.0.5845.110 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...

8.1CVSS7.3AI score0.10871EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.9 views

EulerOS Virtualization 2.13.0 : libssh (EulerOS-SA-2026-2405)

According to the versions of the libssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A weakness has been identified in libssh up to 0.11.3. The impacted element is the function...

7.5CVSS5.3AI score0.00631EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.12.0 : libssh (EulerOS-SA-2026-2105)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A weakness has been identified in libssh up to 0.11.3. The impacted element is the function...

8.2CVSS5.9AI score0.00631EPSS
Exploits0References7
Rows per page
Query Builder