Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-59892

OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes incoming uber-trace-id and uberctx- HTTP header values with decodeURIComponent without handling decode errors, allowing an unauthenticated remote attacker to send a malformed...

7.5CVSS6AI score0.00436EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added last week33 views

CVE-2026-59892 OpenTelemetry JavaScript: Denial of service in `JaegerPropagator` via unhandled exception on a malformed header

OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes incoming uber-trace-id and uberctx- HTTP header values with decodeURIComponent without handling decode errors, allowing an unauthenticated remote attacker to send a malformed...

7.5CVSS0.00436EPSS
Exploits0References3
CVE
CVE
added last week10 views

CVE-2026-59892

Summary: OpenTelemetry JavaScript’s JaegerPropagator (via @opentelemetry/propagator-jaeger) decodes uber-trace-id and uberctx-* headers with decodeURIComponent() without handling decode errors prior to 2.9.0, enabling an unauthenticated attacker to send a malformed percent-encoded value that resu...

7.5CVSS6AI score0.00436EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-39998

Name of the Vulnerable Software and Affected Versions multiparty versions 4.2.3 and earlier Description A denial of service occurs due to an uncaught exception during the parsing of multipart/form-data requests. When a request contains a Content-Disposition header with a filename parameter...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References8
Packet Storm
Packet Storm
added 2017/12/18 12:0 a.m.53 views

WIndows jscript!JsArraySlice Uninitialized Variable

Windows: Uninitialized variable in jscript!JsArraySlice CVE-2017-11855 There is an uninitialized variable vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - By opening a malicious web page in Internet Explorer. - currently untested An attacker on t...

7.6CVSS0.5AI score0.47913EPSS
Exploits4
seebug.org
seebug.org
added 2017/10/20 12:0 a.m.54 views

Adobe Flash Player Infinite Recursion Arbitrary Read Access Violation(CVE-2016-4132)

SUMMARY A potentially exploitable read access violation vulnerability exists in the a way Adobe Flash Player handles infinitely recursive calls. A specially crafted ActionScript code can cause a read access violation which can potentially be further abused. To trriger this vulnerability user...

9.3CVSS9.1AI score0.03977EPSS
Exploits1
0day.today
0day.today
added 2016/12/06 12:0 a.m.66 views

Microsoft Internet Explorer jscript9 - Java­Script­Stack­Walker Memory Corruption (MS15-056)

Exploit for windows platform in category dos / poc var o­Window = window.open"about:blank"; o­Window.exec­Script'window.o­URIError = new URIError;o­URIError.name = o­URIError;' try "" + o­Window.o­URIError; catche try "" + o­Window.o­URIError; catche Description A Javascript can construct an...

9.3CVSS6.5AI score0.2939EPSS
Exploits2
Talos
Talos
added 2016/06/14 12:0 a.m.40 views

Adobe Flash Player Infinite Recursion Arbitrary Read Access Violation

SUMMARY A potentially exploitable read access violation vulnerability exists in the a way Adobe Flash Player handles infinitely recursive calls. A specially crafted ActionScript code can cause a read access violation which can potentially be further abused. To trriger this vulnerability user...

9.3CVSS8.9AI score0.03977EPSS
Exploits1
Rows per page
Query Builder