Lucene search
K

24 matches found

OSV
OSV
added 2026/06/30 11:16 a.m.4 views

UBUNTU-CVE-2026-50750

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

7.5CVSS5.8AI score0.00707EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 11:16 a.m.3 views

UBUNTU-CVE-2026-54475

Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing...

7.5CVSS5.7AI score0.00589EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 9:51 a.m.15 views

CVE-2026-50750

CVE-2026-50750 describes a pre-authentication Denial of Service in Apache ActiveMQ components where an unauthenticated attacker can flood BrokerInfo messages without a ConnectionInfo, causing an Out of Memory condition and broker crash. Affected ranges include Apache ActiveMQ Broker: 5.19.7 befor...

7.5CVSS5.8AI score0.00707EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2026/06/30 9:49 a.m.14 views

CVE-2026-53916

CVE-2026-53916 describes a memory allocation issue in Apache ActiveMQ families (ActiveMQ, ActiveMQ All, ActiveMQ Stomp) caused by an unauthenticated STOMP NIO client that can emit header bytes that never terminate. This unbounded header buffering can exhaust the JVM heap. Affected versions are be...

7.5CVSS5.9AI score0.00796EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-53842

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ Broker versions 5.19.7 through 5.19.7 Apache ActiveMQ Broker versions 6.2.6 through 6.2.6 Apache ActiveMQ versions 5.19.7 through 5.19.7 Apache ActiveMQ versions 6.2.6 through 6.2.6 Apache ActiveMQ All versions 5.19.7 through...

7.5CVSS5.9AI score0.00707EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-53846

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.8 Apache ActiveMQ versions 6.0.0 through 6.2.6 Description An authorization flaw exists in the handling of temporary destinations. While these destinations are intended to be isolated to the connection th...

7.5CVSS6AI score0.00589EPSS
Exploits0References10
OSV
OSV
added 2026/02/07 12:15 a.m.6 views

CVE-2020-37079

Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery CSRF vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user...

3.5CVSS5.7AI score0.0017EPSS
Exploits1References4
NVD
NVD
added 2026/02/07 12:15 a.m.7 views

CVE-2020-37079

Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery CSRF vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user...

5.1CVSS0.0017EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/06 11:16 p.m.36 views

CVE-2020-37079 Wing FTP Server < 6.2.7 - Cross-site Request Forgery

Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery CSRF vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user...

5.1CVSS0.0017EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.8 views

PT-2026-6812

Name of the Vulnerable Software and Affected Versions Wing FTP Server versions prior to 6.2.7 Description Wing FTP Server versions prior to 6.2.7 have a cross-site request forgery CSRF issue in the web administration interface. This allows attackers to delete administrative users by crafting a...

5.1CVSS5.2AI score0.0017EPSS
Exploits1References6
OSV
OSV
added 2026/01/23 12:24 p.m.5 views

OESA-2026-1237 python-filelock security update

This package contains a single module, which implements a platform independent file locking mechanism for Python. Security Fixes: filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of th...

5.3CVSS5.6AI score0.00115EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/11/10 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2025-10d2e6260b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00638EPSS
Exploits0References2
Circl
Circl
added 2025/11/05 1:10 a.m.4 views

CVE-2025-62715

creationtimestamp| type| source ---|---|--- 2025-11-05 01:10:32+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4tuidk6zsb2 2025-11-05 02:10:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4txukn3hq2j...

5.4CVSS5.8AI score0.00204EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/10 10:33 a.m.6 views

EUVD-2025-33695

An out-of-bounds write vulnerability exists in VS6ComFile!CItemDraw::ismotiontween of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end ABEND, and arbitrary code execution...

8.4CVSS7.3AI score0.00168EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/21 12:0 a.m.5 views

IMP 安全漏洞

IMP is an open source web-based webmail system from Horde. A security vulnerability exists in IMP version 6.2.27 and earlier, which originates from a specially crafted HTML email that could lead to account takeover...

7.2CVSS6.2AI score0.30164EPSS
Exploits0References14
CNNVD
CNNVD
added 2025/03/14 12:0 a.m.4 views

Fortinet FortiWeb SQL注入漏洞

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure web applications and protect sensitive database content. A SQL injection vulnerability exists in...

7.2CVSS7.4AI score0.00388EPSS
Exploits0References3
OSV
OSV
added 2024/12/19 11:15 a.m.3 views

CVE-2020-15934

An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by creating a malicious script or program on the target machine...

7.8CVSS5.9AI score0.00227EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.8 views

PT-2023-2332 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.2.7 Description: The issue is related to a race condition in the Linux kernel's TLS protocol implementation, specifically in the do tls getsockopt conf and do tls setsockopt conf functions in the net/tls/tls...

10CVSS6.2AI score0.93838EPSS
Exploits80References1158
OSV
OSV
added 2022/11/23 4:36 p.m.7 views

SUSE-SU-2022:4209-1 Security update for libarchive

This update for libarchive fixes the following issues: - CVE-2022-36227: Fixed potential NULL pointer dereference in archivewriteallocatefilter bsc1205629...

9.8CVSS9.5AI score0.01936EPSS
Exploits0References3
OSV
OSV
added 2022/04/27 8:15 p.m.3 views

DEBIAN-CVE-2022-24735

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the potentially higher privileges of another Redis user. The Lua scri...

7.8CVSS6.8AI score0.02189EPSS
Exploits1References1
Rows per page
Query Builder