Lucene search
K

40 matches found

OSV
OSV
added 2026/05/22 1:17 p.m.3 views

OESA-2026-2385 trafficserver security update

Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through...

7.5CVSS7.3AI score0.00376EPSS
Exploits0References3
OSV
OSV
added 2026/05/22 1:17 p.m.6 views

OESA-2026-2383 trafficserver security update

Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through...

7.5CVSS7.3AI score0.00376EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.3 views

SUSE SLES15 Security Update : nodejs20 (SUSE-SU-2026:1363-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1363-1 advisory. Update to version 20.20.2. - CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism...

7.5CVSS7.1AI score0.00126EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2026/04/15 2:16 p.m.6 views

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to version 20.20.2. CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism allows for performance degradation via a crafted request bsc1260494. CVE-2026-21716: incomplete fix for CVE-2024-36137...

8.7CVSS5.8AI score0.00126EPSS
Exploits0References28
EUVD
EUVD
added 2026/04/02 6:31 p.m.3 views

EUVD-2025-209188

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

7.5CVSS5.9AI score0.00376EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 5:16 p.m.2 views

CVE-2025-58136

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

7.5CVSS0.00376EPSS
Exploits0References1
OSV
OSV
added 2026/04/02 5:16 p.m.1 views

UBUNTU-CVE-2025-58136

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/02 3:54 p.m.1 views

CVE-2025-58136

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

5.9AI score0.00376EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/02 3:54 p.m.7 views

CVE-2025-58136

CVE-2025-58136 : In Apache Traffic Server, a bug in POST request handling causes a crash under a certain condition affecting 10.0.0–10.1.1 and 9.0.0–9.2.12. A fix is provided in 10.1.2 and 9.2.13. As a temporary workaround for older releases, set proxy.config.http.request_buffer_enabled to 0 (def...

7.5CVSS5.9AI score0.00376EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.3 views

PT-2026-29792

A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to...

7.5CVSS6AI score0.00376EPSS
Exploits0References7
OSV
OSV
added 2026/03/03 12:9 a.m.2 views

OSV-2026-338 Use-of-uninitialized-value in pjsip_auth_clt_init_req

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=488721002 Crash type: Use-of-uninitialized-value Crash state: pjsipauthcltinitreq fuzz-sip.c fuzz-sip.c...

5.8AI score
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.1 views

EUVD-2023-53718

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00129EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-16203

Malicious code in bioql PyPI...

5.5CVSS6.7AI score0.00017EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2025/05/22 6:48 a.m.7 views

CVE-2017-14149

GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request...

7.5CVSS6.9AI score0.00336EPSS
Exploits1References1
NVD
NVD
added 2025/04/14 2:15 p.m.15 views

CVE-2025-32906

A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

7.5CVSS0.00393EPSS
Exploits0References16
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.1 views

Sharp MFP 安全漏洞

Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that originates from providing a web page to download data, where improper handling of query parameters in the HTTP request results in an out-of-bounds read vulnerability, and a crafted...

7.5CVSS8.8AI score0.00219EPSS
Exploits0References3
Debian
Debian
added 2024/10/20 9:27 p.m.14 views

[SECURITY] [DLA 3925-1] asterisk security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3925-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 20, 2024 https://wiki.debian.org/LTS -...

8.8CVSS8.5AI score0.3195EPSS
Exploits4
NVD
NVD
added 2024/01/24 5:15 p.m.9 views

CVE-2024-23641

SvelteKit is a web development kit. In SvelteKit 2, sending a GET request with a body eg to a built and previewed/hosted sveltekit app throws Request with GET/HEAD method cannot have body. and crashes the preview/hosting. After this happens, one must manually restart the app. TRACE requests will...

7.5CVSS7.5AI score0.00263EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/12/21 12:0 a.m.2 views

Isode M-Vault 安全漏洞

Isode M-Vault is a high performance secure LDAP/X.500 server from Isode UK. A security vulnerability exists in Isode M-Vault versions R16.0v0 through R17.0v23, which stems from a program that crashes on LDAP v1 bind requests...

7.5CVSS7.3AI score0.00389EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/12/08 12:0 a.m.1 views

Bosch 多款产品安全漏洞

Bosch Access Professional Edition is an enterprise access control and security management solution.BOSCH VRM is an application software.Bosch BVMS is an application system. BOSCH VRM is an application software.Bosch BVMS is an application system.Bosch Access Easy Controller Bosch Aec is an...

9.1CVSS7.5AI score0.0029EPSS
Exploits0References2
Rows per page
Query Builder