Lucene search
K

4930 matches found

RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-15173

A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the pcapng file parser, leading to a crash of the application. This denial of service DoS could prevent legitimate users from accessing the service, impacting its availability. Mitigation To mitigate this issue, use...

5.5CVSS6AI score0.00089EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-42145

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the file upload endpoint app/Http/Controllers/UploadController.php for database backup restore uploads did not enforce file type or size validation, allowing an authenticat...

3.1CVSS5.9AI score0.0025EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 4 days ago4 views

The vulnerability of the rmapremove() function in the KVM virtualization subsystem of the Linux operating system allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the rmapremove function in the KVM virtualization subsystem of the Linux operating system is related to the use of memory after it is freed, as a result of a pointer being dereferenced that has reached its expiration time. Exploiting this vulnerability can allow an attacker t...

7CVSS6.4AI score0.00176EPSS
Exploits3References15Affected Software4
RedhatCVE
RedhatCVE
added 5 days ago5 views

CVE-2026-14651

A flaw was found in grass, a Sass compiler. This vulnerability allows a local attacker to cause a Denial of Service DoS by manipulating specific functions within the compiler, such as grasscompiler::selector::extend or grasscompiler::evaluate::visitor. This can lead to the compiler becoming...

4.8CVSS5.8AI score0.00115EPSS
Exploits0References9
EUVD
EUVD
added last week6 views

EUVD-2026-41670

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.runconversation of the file runagent.py of the component HTTP API. This manipulation of the argument todos causes denial of service. The attack can be initiated remotely. The...

5.3CVSS5.6AI score0.00277EPSS
Exploits0References5
Snyk
Snyk
added last week5 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the RRCInactiveTransitionReport function of the NGAP Message Handler component. An attacker can cause a service disruption by sending specially crafted messages remotely. Remediation Upgrade...

5.3CVSS6AI score0.00522EPSS
Exploits0References2
Snyk
Snyk
added last week5 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/nas/nassecurity...

5.3CVSS5.9AI score0.00317EPSS
Exploits0References2
Snyk
Snyk
added last week6 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/gmm to version...

5.3CVSS5.9AI score0.00317EPSS
Exploits0References2
NVD
NVD
added 2026/07/04 2:16 a.m.9 views

CVE-2025-71380

The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading to data exfiltration, service disruption, or...

8.8CVSS0.00413EPSS
Exploits0References2
CVE
CVE
added 2026/07/04 1:23 a.m.27 views

CVE-2025-71380

CVE-2025-71380 : The n8n Execute Command node is vulnerable to arbitrary command execution by authenticated users on the host running n8n. The issue allows user- or credential-compromised attackers to run commands that could exfiltrate data, disrupt services, or fully compromise the host. Concret...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/04 1:23 a.m.10 views

CVE-2025-71380

The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading to data exfiltration, service disruption, or...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References3
Snyk
Snyk
added 2026/07/03 10:18 p.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the CODEOWNERS pattern matching process. An attacker can cause excessive resource consumption by submitting specially crafted patterns, potentially leading to service unavailability. Remediation Upgrade...

7.5CVSS6AI score0.00331EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/07/01 12:0 a.m.6 views

The vulnerability of the authentication mechanism of the SAML-based NetScaler ADC controller (formerly Citrix ADC) and the NetScaler Gateway virtual environment access control system (formerly Citrix Gateway) allows a attacker to cause service interruptions.

The vulnerability of the SAML authentication mechanism for NetScaler ADC formerly Citrix ADC and the NetScaler Gateway virtual environment access control system formerly Citrix Gateway is related to reading data beyond the allowed range in memory. Exploiting this vulnerability could allow a...

9.7CVSS6.1AI score0.00502EPSS
Exploits1References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/30 12:0 a.m.4 views

The vulnerability of the ngx_http_charset_module module in NGINX Plus and NGINX Open Source web servers allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ngxhttpcharsetmodule module in NGINX Plus and NGINX Open Source web servers is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information or cause...

4.8CVSS6.3AI score0.00398EPSS
Exploits0References3Affected Software11
Redos
Redos
added 2026/06/26 12:0 a.m.5 views

ROS-20260626-73-0028

The vulnerability in ImageMagick 7 is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.8AI score0.00495EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.3 views

The vulnerability in the net/core/dev.c module of the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the net/core/dev.ct module in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS5.8AI score0.00371EPSS
Exploits0References11Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.4 views

The vulnerability of the `ip6_err_gen_icmpv6_unreach()` function in the `net/ipv6/icmp.c` module of the Linux operating system allows a attacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ip6errgenicmpv6unreach function in the net/ipv6/icmp.c module of the Linux operating system is related to access to resources through incompatible types. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause...

10CVSS6.2AI score0.00255EPSS
Exploits0References13Affected Software3
RedhatCVE
RedhatCVE
added 2026/06/24 8:44 p.m.8 views

CVE-2026-52926

A flaw was found in the Linux kernel's batman-adv module, which is responsible for managing mesh networks. When a mesh network is being shut down, the system fails to properly clear the active gateway information. This leaves outdated network configuration data, which can prevent the mesh network...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in grub2

A vulnerability has been identified in the GRUB2 bootloader’s network module, posing an immediate Denial of Service DoS risk. This flaw is a use-after-free issue, as the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who can execute th...

4.9CVSS5.8AI score0.0013EPSS
Exploits0References3
PyPA
PyPA
added 2026/06/24 1:16 p.m.5 views

PYSEC-0000-CVE-2026-56262

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication,...

6.9CVSS5.8AI score0.00417EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder