20358 matches found
CVE-2026-59762
When an HTTP/2 profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Impact: System performance can degrade until the TMM process is either forced to restart or is manually restarted. This vulnerability allows a remote,...
EUVD-2026-44679
When an HTTP/2 profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Impact: System performance can degrade until the TMM process is either forced to restart or is manually restarted. This vulnerability allows a remote,...
Monstra CMS 3.0.4 - HTTP Header Injection
Monstra CMS 3.0.4 is susceptible to HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter. An attacker can potentially supply invalid input and cause the server to allow redirects to attacker-controlled domains, perform cache poisoning, and/or allow improper access to...
CVE-2026-50432
CVE-2026-50432 describes a Use-after-free vulnerability in the Windows Virtual Filtering Platform (VFP) . An authenticated attacker could trigger a denial-of-service condition over the network by exploiting this flaw in the VFP code path, as indicated by the CVE entry: AV:N/AC:H/PR:L/UI:N/S:U/C:N...
CVE-2026-53365
A flaw was found in the Linux kernel's vsock/virtio component. This vulnerability occurs during zerocopy completion for large messages fragmented into multiple socket kernel buffers skbs. An issue in how user arguments uargs are handled for these buffers can lead to pinned user pages not being...
CVE-2026-6790
In Eclipse Jetty, HTTP/1 requests to HTTP/1.3 (HTTP/2/3 included) do not enforce that the request authority (host and port) matches the Host header when present. This mismatch can affect URI redirects, virtual host selection, reverse proxying, and logs. The issue is described across CVE sources (...
EUVD-2026-43646
In Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there is no strict check that the request authority host and port matches what provided in the Host header if present. This was not enforced in earlier HTTP RFC for example, in RFC 2616, but it is in the latest RFC 9110 and 9112. This...
CVE-2026-6790
In Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there is no strict check that the request authority host and port matches what provided in the Host header if present. This was not enforced in earlier HTTP RFC for example, in RFC 2616, but it is in the latest RFC 9110 and 9112. This...
U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support
The U.S. Treasury Department's Office of Foreign Assets Control OFAC has designated two individuals and a VPN service provider for enabling ransomware actors' and other cybercriminals' malicious activities, including ransomware attacks against Americans. The VPN, named First VPN Service 1VPNS, ha...
CVE-2025-8412
The CVE-2025-8412 entry concerns the SUSE Virtual Machine Driver Pack. A BUFFER overflow can occur in the RtlQueryRegistryValues function when an attacker able to modify the registry interacts with the driver, affecting integrity. Affected scope is the Virtual Machine Driver Pack up to the build ...
EUVD-2025-210459
A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in SUSE Virtual Machine Driver Pack allows an attacker with the ability to modify the registry to affect the integrity of the driver. We're not aware of a feasible way to exploit this currently. This issue affect...
CVE-2025-8412
A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in SUSE Virtual Machine Driver Pack allows an attacker with the ability to modify the registry to affect the integrity of the driver. We're not aware of a feasible way to exploit this currently. This issue affect...
kernel: iommu: disable SVA when CONFIG_X86 is set
A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...
PT-2026-58073
Name of the Vulnerable Software and Affected Versions FortiSandbox versions 5.0.0 through 5.0.2 FortiSandbox versions 4.4.3 through 4.4.8 Description An exposure of resource to wrong sphere issue allows an unauthenticated attacker to access the VNC server of virtual machines performing scanning v...
PT-2026-60103
Name of the Vulnerable Software and Affected Versions Anyquery affected versions not specified Description When operated in server mode, the software lacks input sanitization and access control for its built-in SQLite virtual table modules, such as csv reader and log reader. Unauthenticated...
PT-2026-60102
Name of the Vulnerable Software and Affected Versions Anyquery affected versions not specified Description When operating in server mode, the software does not restrict outbound HTTP requests initiated by built-in SQLite virtual table modules, such as json reader and log reader. Unauthenticated...
CVE-2026-45203
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but befo...
CVE-2026-34196
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with the physical page, allowing for a read/write UAF via the...
CVE-2026-45196
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a GPU register access which can lead to privilege escalation...
CVE-2026-57157
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled are vulnerable to an out-of-bounds heap read. A malicious RDP client can exploit this by manipulating the DeviceName a...