Lucene search
+L

4 matches found

ptsecurity
ptsecurity
added 2026/06/30 12:0 a.m.9 views

PT-2026-53998

Name of the Vulnerable Software and Affected Versions txtai versions prior to 9.10.1 Description The software exposes an API endpoint '/reindex' where the function body parameter is processed by txtai.util.Resolver. This resolver performs import and getattr on a dotted path provided by the user...

9.8CVSS6.5AI score0.00725EPSS
Exploits0References7
github
github
added 2026/06/05 3:27 p.m.23 views

Klever-Go KVM: Hash-array amplification in P2P resolver request handling

Summary A connected peer can send a compressed RequestDataTypeHashArrayType direct request that is only 442 bytes on the wire but expands into 200000 decoded hash entries inside the resolver path. On klever-go v1.7.17, this allows remote memory and CPU amplification against nodes that accept P2P...

8.6CVSS5.5AI score0.0038EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/06/04 4:9 p.m.41 views

CVE-2026-50076 Apache Fory: Java ReplaceResolverSerializer deserialization checks bypass

Deserialization of Untrusted Data in the Java replace-resolve path in Apache Fory fory-core Java SDK before 1.1.0 on Java/JVM platforms allows a remote attacker to bypass class registration, TypeChecker, and DisallowedList checks and invoke classpath-present readResolve/readExternal hooks via...

0.0052EPSS
Exploits0References1
osv
osv
added 2020/06/08 8:15 p.m.4 views

CVE-2020-13960

D-Link DSL 2730-U IN1.10 and IN1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses and also offer Internet services such as HTTP for names that otherwise would have had an NXDOMAIN erro...

7.5CVSS5.8AI score0.01192EPSS
Exploits1References1
Rows per page
Query Builder