Lucene search
K

3003 matches found

CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

Rack 注入漏洞

Rack is a modular Ruby web server interface developed by the Rack open-source project. Versions of Rack from 3.2.0 to 3.2.6 contained an injection vulnerability. This vulnerability stemmed from an error in the multi-part resolver that improperly expanded and folded headers, which could lead to HT...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/04/01 10:13 p.m.10 views

3box-orbitdb-plugins (>=2.0.0 <=2.1.2), 3id-connect (>=0.1.0 <=1.0.0-beta.15) +2280 more potentially affected by unknown CVE via @stablelib/ed25519 (>=0.7.2 <=1.0.3)

@stablelib/ed25519 NPM version =0.7.2, =2.0.0, =0.1.0, =1.0.0-alpha.6, =0.1.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.0.1, =1.0.21, =1.0.42, =0.0.1, =0.1.0, =1.0.0, =1.10.4 and more Source cves: unknown CVE Source advisory: OSV:GHSA-X3FF-W252-2G7J...

5.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.6 views

PT-2026-30698

Name of the Vulnerable Software and Affected Versions Apache HTTP Server affected versions not specified Description A persistent denial of service can occur due to resource exhaustion in the LocalImageResolver.java component. This could lead to a local denial of service without requiring...

6.2CVSS6AI score0.00101EPSS
Exploits0References14
OSV
OSV
added 2026/04/01 12:0 a.m.5 views

ASB-A-456471290

In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2CVSS6AI score0.00101EPSS
Exploits0References3
Fedora
Fedora
added 2026/03/31 12:27 a.m.6 views

[SECURITY] Fedora 44 Update: bind-9.18.47-1.fc44

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS7.3AI score0.01545EPSS
Exploits0
Fedora
Fedora
added 2026/03/29 12:50 a.m.7 views

[SECURITY] Fedora 43 Update: bind-9.18.47-1.fc43

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS7.3AI score0.01545EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/28 12:25 a.m.4 views

SUSE CVE-2026-33211

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the pathInRepo parameter. A tenant with permissi...

9.6CVSS6AI score0.00573EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-32945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS...

9.8CVSS5.5AI score0.00308EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/28 12:0 a.m.5 views

Security update for python-dynaconf (important)

openSUSE security update: security update for python-dynaconf ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20429-1 Rating: important References: bsc1260063 Cross-References: CVE-2026-33154 Affected Products: openSUSE Leap 16.0...

8.1CVSS5.9AI score0.00526EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/03/26 5:10 p.m.10 views

SUSE CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2026/03/25 4:46 p.m.5 views

CVE-2026-3104

A flaw was found in the BIND resolver. A remote attacker can exploit this vulnerability by querying a specially crafted domain, which causes a memory leak. This memory leak can lead to a Denial of Service DoS condition, making the BIND resolver unavailable to legitimate users. Mitigation To...

7.5CVSS5.8AI score0.00698EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/25 3:31 p.m.3 views

EUVD-2026-15410

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS5.8AI score0.00698EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/25 3:31 p.m.6 views

EUVD-2026-15406

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References5
OSV
OSV
added 2026/03/25 2:59 p.m.3 views

OPENSUSE-SU-2026:20429-1 Security update for python-dynaconf

This update for python-dynaconf fixes the following issues: Changes in python-dynaconf: - CVE-2026-33154: Server-Side Template Injection in the @Jinja resolver bsc1260063...

8.1CVSS5.9AI score0.00526EPSS
Exploits1References2
OSV
OSV
added 2026/03/25 2:16 p.m.5 views

ALPINE-CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS5.8AI score0.00698EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 2:16 p.m.7 views

CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS0.00698EPSS
Exploits0References7
NVD
NVD
added 2026/03/25 2:16 p.m.3 views

CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS0.01545EPSS
Exploits0References27
ATTACKERKB
ATTACKERKB
added 2026/03/25 1:29 p.m.2 views

CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS5.8AI score0.00698EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/25 1:29 p.m.31 views

CVE-2026-3104 Memory leak in code preparing DNSSEC proofs of non-existence

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS0.00698EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/03/25 1:29 p.m.2 views

CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS5.8AI score0.00698EPSS
Exploits0
Rows per page
Query Builder