Lucene search
K

284 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: AppArmor: Avoid per-cpu hold underflow in aagetbuffer. When aagetbuffer retrieves data from the per-cpu list, it conditionally decreases cache-hold. If hold reaches 0 while count remains non-zero, the unsigned decrement wraps to...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 4:40 p.m.5 views

CVE-2026-54280

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a payload is using an open file or similar limited resource, then an attacker may be able to cause...

6.3CVSS5.8AI score0.00281EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/22 4:40 p.m.44 views

CVE-2026-54280

CVE-2026-54280 affects the AIOHTTP project (async HTTP client/server for asyncio/Python). Before version 3.14.1, payload resources may not be closed correctly if a client disconnects mid-write, allowing temporary resource starvation when a payload uses a limited resource (e.g., open files). The i...

7.5CVSS5.8AI score0.00281EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/22 4:40 p.m.3 views

CVE-2026-54280 AIOHTTP: Payload Response Resources Are Not Closed After Mid-Body Disconnect

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a payload is using an open file or similar limited resource, then an attacker may be able to cause...

6.3CVSS5.9AI score0.00281EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-54280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client...

7.5CVSS5.9AI score0.00281EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/17 12:50 a.m.16 views

389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.2AI score0.00815EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/15 8:10 p.m.22 views

aiohttp: Payload Response Resources Are Not Closed After Mid-Body Disconnect

Summary Payload resources are not closed correctly when a client disconnects in the middle of a write. Impact If a payload is using an open file or similar limited resource, then an attacker may be able to cause resource starvation temporarily until garbage collection or similar closes the file...

7.5CVSS5.3AI score0.00281EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/15 8:10 p.m.7 views

GHSA-9X8Q-7H8H-WCW9 aiohttp: Payload Response Resources Are Not Closed After Mid-Body Disconnect

Summary Payload resources are not closed correctly when a client disconnects in the middle of a write. Impact If a payload is using an open file or similar limited resource, then an attacker may be able to cause resource starvation temporarily until garbage collection or similar closes the file...

6.3CVSS5.3AI score0.00281EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49594

Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description Payload resources are not closed correctly when a client disconnects during a write operation. If a payload utilizes an open file or other limited resources, an attacker can cause temporary resource...

7.5CVSS5.8AI score0.00281EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/06/07 8:58 p.m.14 views

CVE-2026-45078

A flaw was found in Synapse, an open source Matrix homeserver implementation. Local authenticated users can exploit this vulnerability to consume excessive CPU resources, causing the server to become unresponsive and denying service to other users. This can lead to a complete Denial of Service Do...

6.8CVSS5.3AI score0.00128EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/29 1:20 a.m.17 views

SUSE CVE-2026-45078

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References3
PyPA
PyPA
added 2026/05/28 5:16 p.m.8 views

PYSEC-0000-CVE-2026-45078

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/05/28 5:16 p.m.20 views

PYSEC-2026-191

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/28 5:16 p.m.23 views

CVE-2026-45078

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS0.00128EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 5:16 p.m.8 views

PYSEC-2026-191

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 5:16 p.m.6 views

DEBIAN-CVE-2026-45078

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 5:16 p.m.9 views

UBUNTU-CVE-2026-45078

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/28 3:52 p.m.36 views

CVE-2026-45078 Synapse CPU starvation (Denial of Service)

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS0.00128EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/28 3:52 p.m.14 views

CVE-2026-45078 Synapse CPU starvation (Denial of Service)

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:52 p.m.9 views

CVE-2026-45078

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder