Lucene search
+L

11 matches found

redhatcve
redhatcve
added 2026/06/25 10:38 p.m.6 views

CVE-2026-50012

A flaw was found in Squid. Due to improper input validation, a heap-based buffer overflow can occur when processing cache digests. This issue allows a trusted server to cause a denial of service when sending specially crafted replies to cachedigest request messages. Mitigation To mitigate this...

5.5CVSS6.1AI score
Exploits0References4
github
github
added 2026/05/21 7:50 p.m.16 views

nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item

Impact A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::putchunk allows any state-sync peer to crash any node performing state synchronization freshly joining nodes and recovering nodes. A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...

7.5CVSS5.9AI score0.00339EPSS
Exploits0References6Affected Software1
osv
osv
added 2026/05/08 3:10 p.m.3 views

CVE-2026-44500 ZEBRA: Allocation Amplification in Inbound Network Deserializers

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0, prior to zebra-chain version 7.0.0, and prior to zebra-network version 6.0.0, several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter...

5.3CVSS5.9AI score0.00362EPSS
Exploits1References3
osv
osv
added 2026/04/22 7:19 p.m.4 views

GHSA-7C4J-2M43-2MGH nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals

Impact An untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key. Hashing an election macro header hashes validators and reaches Validators::votingkeys, which calls validator.votingkey.uncompress.unwrap...

7.5CVSS5.8AI score0.00372EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/04/22 12:0 a.m.15 views

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.3.0 contained a security vulnerability. This vulnerability stemmed from the fact that untrusted peer devices in nimiq-primitives could declare election macroblocks whose validators contained...

7.5CVSS5.8AI score0.00372EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/09/24 7:48 p.m.4 views

CVE-2025-59824 Omni Wireguard SideroLink potential escape

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to version 0.48.0, Omni Wireguard SideroLink has the potential to escape. Omni and each Talos machine establish a peer-to-peer P2P SideroLink connection using WireGuard to mutually authenticate and authorize access. The...

2.1CVSS6.7AI score0.00182EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/11/18 12:0 a.m.10 views

PT-2024-35489 · Unknown · Bitcoin Core

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 25.0 Description: The issue allows a peer to affect the download state of other peers by sending a mutated block. This can potentially disrupt the normal functioning of the Bitcoin network. Recommendations: For...

5.3CVSS7.2AI score0.00428EPSS
Exploits0References6
veracode
veracode
added 2022/06/20 6:38 a.m.22 views

Authentication Bypass

OPCFoundation.NetStandard.Opc.Ua is vulnerable to authentication bypass. The vulnerability exists due to the incorrect implementation of the authentication algorithm in the library, allowing malicious clients or servers to bypass the application authentication mechanism and connect to untrusted...

7.5CVSS7.5AI score0.01502EPSS
Exploits0References5Affected Software1
redhat
redhat
added 2022/06/13 12:34 p.m.4 views

envoy: Decompressors can be zip bombed

A flaw was found in Envoy. A specifically constructed HTTP body delivered by an untrusted downstream or upstream peer whose decompressed size is dramatically larger than the compressed size can be sent by an attacker to cause a denial of service...

7.5CVSS5.7AI score0.0144EPSS
Exploits1References5
redhat
redhat
added 2022/06/13 11:57 a.m.4 views

envoy: Decompressors can be zip bombed

A flaw was found in Envoy. A specifically constructed HTTP body delivered by an untrusted downstream or upstream peer whose decompressed size is dramatically larger than the compressed size can be sent by an attacker to cause a denial of service...

7.5CVSS5.7AI score0.0144EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2022/02/09 12:0 a.m.8 views

PT-2022-16786 · Apple · Swift-Nio-Http2

Name of the Vulnerable Software and Affected Versions: swift-nio-http2 versions 1.0.0 through 1.19.1 Description: A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack is caused by a logical error after...

7.5CVSS7.4AI score0.01119EPSS
Exploits0References9
Rows per page
Query Builder