Lucene search
K

4882 matches found

OSV
OSV
added 6 days ago3 views

UBUNTU-CVE-2026-53339

In the Linux kernel, the following vulnerability has been resolved: i2c: qcom-cci: Fix NULL pointer dereference in cciremove On all modern platforms Qualcomm CCI controller provides two I2C masters, and on particular boards only one I2C master may be initialized, and in such cases the device...

5.7AI score0.00164EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added last week6 views

CVE-2026-53339

A flaw was found in the Linux kernel's i2c-qcom-cci driver. This vulnerability occurs when the device unbinding or driver removal process is initiated on systems where only one I2C master is initialized, despite the Qualcomm CCI controller providing two. This can lead to a NULL pointer dereferenc...

5.5CVSS5.8AI score0.00164EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40443

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor...

6.3CVSS5.8AI score0.00258EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.5 views

EUVD-2026-40420

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS5.8AI score0.00379EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 12:34 a.m.10 views

EUVD-2026-40421

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it...

8.7CVSS5.9AI score0.00379EPSS
Exploits0References4
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-56350

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor...

7.7CVSS0.00258EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 10:16 p.m.9 views

CVE-2026-50254

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it...

8.7CVSS0.00379EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 10:16 p.m.7 views

CVE-2026-35505

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS0.00379EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:8 p.m.26 views

CVE-2026-56350 n8n - SSO Enforcement Bypass via API

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor...

6.3CVSS0.00258EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 9:14 p.m.32 views

CVE-2026-50254 OFFIS DCMTK Toolkit Missing Release of Memory after Effective Lifetime

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it...

8.7CVSS0.00379EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 9:14 p.m.19 views

CVE-2026-50254

CVE-2026-50254 affects the DCMTK toolkit’s storescp component. An unauthenticated remote attacker can repeatedly send a crafted connection request, causing a memory leak that grows quickly in the default single-process mode, ultimately killing the service and requiring an operator to restart it. ...

8.7CVSS5.9AI score0.00379EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 9:9 p.m.16 views

CVE-2026-35505

Technical details are not publicly available in the provided documents. Monitor for updates.

8.7CVSS5.8AI score0.00379EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 9:9 p.m.32 views

CVE-2026-35505 OFFIS DCMTK Toolkit Missing Release of Memory after Effective Lifetime

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS0.00379EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/30 9:9 p.m.3 views

CVE-2026-35505

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS6AI score0.00379EPSS
Exploits0
CVE
CVE
added 2026/06/30 2:36 p.m.11 views

CVE-2026-27955

Summary: CVE-2026-27955 affects Coolify prior to 4.0.0-beta.464, where the executeInDocker() helper wraps commands in bash -c '{$command}' without escaping single quotes. User-controlled fields docker_compose_custom_build_command and docker_compose_custom_start_command are interpolated directly, ...

6.6CVSS5.9AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 1:19 p.m.8 views

UBUNTU-CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS5.7AI score0.00243EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/30 12:1 p.m.9 views

EUVD-2026-40303

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

5.7CVSS5.7AI score0.00243EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/30 12:1 p.m.4 views

CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS5.8AI score0.00215EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-53993

Name of the Vulnerable Software and Affected Versions storescp affected versions not specified Description An unauthenticated remote attacker can cause a memory leak by repeatedly sending a single crafted connection request. When storescp operates in its default single-process mode, memory...

8.7CVSS6AI score0.00379EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54039

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.8.0 Description An authentication bypass exists that allows authenticated Single Sign-On SSO users to disable SSO enforcement via the API. This allows attackers to create local password credentials to authenticate...

6.3CVSS5.8AI score0.00258EPSS
Exploits0References4
Rows per page
Query Builder