Lucene search
K

42248 matches found

EUVD
EUVD
added 6 days ago4 views

EUVD-2026-41910

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.3.0 and prior to version 4.11.0, a resource leak exists in OP-TEE’s shared memory cleanup logic because the functio...

3.8CVSS6AI score0.00105EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 6 days ago6 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References8
NVD
NVD
added 6 days ago9 views

CVE-2026-56810

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS0.00344EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 6 days ago16 views

Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites

Summary The vulnerabilities were found in dependent open source libraries used within IBM Quantum Safe Explorer code base. These issues have been addressed by updating the versions of affected libraries. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client...

7.5CVSS6.3AI score0.00838EPSS
Exploits8Affected Software1
CVE
CVE
added 6 days ago21 views

CVE-2026-44937

Summary: An unauthenticated webhook vulnerability in SUSE Rancher Fleet (versions prior to 0.15.2, 0.14 prior to 0.14.6, 0.13 prior to 0.13.11, 0.12 prior to 0.12.15) allows forging webhook requests via regex-based injection from unsanitized repository URL components, potentially enabling DoS or ...

8.3CVSS6AI score0.00506EPSS
Exploits0References1Affected Software1
NVD
NVD
added 6 days ago9 views

CVE-2026-24012

Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...

7.5CVSS0.00546EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 6 days ago6 views

CVE-2026-58226 Unauthenticated denial-of-service via unbounded HPACK integer decoding in hpax

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS6.1AI score0.00438EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-9165

A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...

7.7CVSS5.9AI score0.00319EPSS
Exploits0References3
CVE
CVE
added 6 days ago13 views

CVE-2026-24012

CVE-2026-24012 – Apache IoTDB Denial of Service via Resource Exhaustion Description: An interface fails to cap the time span and aggregation interval of queries. An attacker can request an extremely large time range with a tiny interval, causing the DataNode to build an enormous result set in mem...

7.5CVSS6AI score0.00546EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-41856

Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...

7.5CVSS6AI score0.00546EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago39 views

CVE-2026-24012 Apache IoTDB: Denial of Service via Resource Exhaustion in Aggregation Query

Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...

0.00546EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-24012

Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...

7.5CVSS6AI score0.00546EPSS
Exploits0References2Affected Software1
NVD
NVD
added 6 days ago9 views

CVE-2026-14807

ERP App developed by PROG MIS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to view application code and obtain the database account and password...

9.8CVSS0.00463EPSS
Exploits0References2
OSV
OSV
added 6 days ago3 views

BIT-ELASTICSEARCH-2026-56149 Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...

4.9CVSS5.9AI score0.00324EPSS
Exploits0References2
OSV
OSV
added 6 days ago3 views

BIT-ELASTICSEARCH-2026-56148 Uncontrolled Recursion in Elasticsearch Leading to Denial of Service

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS6AI score0.00309EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 6 days ago6 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...

9.1CVSS6.1AI score0.00533EPSS
Exploits0References9
OSV
OSV
added 6 days ago3 views

UBUNTU-CVE-2026-8804

Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise...

6.7CVSS5.9AI score0.00082EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago9 views

PT-2026-55913

Name of the Vulnerable Software and Affected Versions Red Hat Advanced Cluster Security for Kubernetes affected versions not specified Description Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send...

7.7CVSS6AI score0.00319EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 6 days ago11 views

PT-2026-55878

Name of the Vulnerable Software and Affected Versions Apache IoTDB versions 1.3.3 through 2.0.7 Description An uncontrolled resource consumption issue exists where certain interfaces do not impose reasonable limits on the time span and aggregation interval of queries. An attacker can send a reque...

7.5CVSS5.9AI score0.00546EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 6 days ago10 views

PT-2026-55872

Name of the Vulnerable Software and Affected Versions ERP App developed by PROG MIS affected versions not specified Description The application contains hard-coded credentials, which are passwords or usernames embedded directly into the software source code. This allows unauthenticated remote...

9.8CVSS6.2AI score0.00463EPSS
Exploits0References9
Rows per page
Query Builder