Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-59892

A flaw was found in the @opentelemetry/propagator-jaeger component of OpenTelemetry JavaScript. This vulnerability allows an unauthenticated remote attacker to send specially crafted HTTP header values, specifically uber-trace-id and uberctx-. The component improperly decodes these values without...

7.5CVSS6AI score0.00436EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.10 views

CVE-2026-8162

[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename parameter contains a malformed percent-encoding, the parser invokes decodeURI on the value without try/catch. T...

7.5CVSS5.5AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/18 5:35 p.m.9 views

EUVD-2026-29441

multiparty vulnerable to Denial of Service via Uncaught Exception in filename parameter parsing...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/12 9:5 a.m.7 views

CVE-2026-8162

[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename parameter contains a malformed percent-encoding, the parser invokes decodeURI on the value without try/catch. T...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/12 9:5 a.m.15 views

CVE-2026-8162

[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename parameter contains a malformed percent-encoding, the parser invokes decodeURI on the value without try/catch. T...

7.5CVSS5.8AI score0.00279EPSS
Exploits0
CVE
CVE
added 2008/01/04 11:0 a.m.44 views

CVE-2007-6660

The CVE-2007-6660 entry involves the 2z project version 0.9.6.1 where information disclosure can occur via (1) a request to index.php with an invalid template or (2) a request to the default URI with certain year/month parameters, causing error messages that reveal the path. The NVD description d...

5CVSS6.3AI score0.01232EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder