Lucene search

656 matches found

Vulnrichment
added 2026/02/02 2:8 p.m. | 6 views

CVE-2022-50977 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via HTTP

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP...

CVSS 7.5 | AI score 5.5 | EPSS 0.00441
Exploits: 0 | References: 2

CVE
added 2026/02/02 2:8 p.m. | 12 views

CVE-2022-50977

The CVE-2022-50977 issue affects Innomic VibroLine VLX and avibia AVLX devices, allowing an unauthenticated remote attacker to switch between multiple configuration presets via HTTP, potentially disrupting operations. The root cause is unauthenticated HTTP access enabling preset changes, with a h...

CVSS 7.5 | AI score 5.5 | EPSS 0.00441
Exploits: 0 | References: 2

EUVD
added 2026/02/02 2:8 p.m. | 3 views

EUVD-2022-55954

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP...

CVSS 7.5 | AI score 5.5 | EPSS 0.00441
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/30 12:0 a.m. | 3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: weldr-client (UTSA-2026-005216)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005216 advisory. The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is us...

CVSS 9.1 | AI score 5.8 | EPSS 0.00724
Exploits: 0 | References: 4

OSV
added 2026/01/29 8:16 p.m. | 5 views

CVE-2025-63649

An out-of-bounds read in the httpparsertransferencodingchunked function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted POST request to the server...

CVSS 7.5 | AI score 5.6
Exploits: 0 | References: 2

Positive Technologies
added 2026/01/29 12:0 a.m. | 5 views

PT-2026-5333

An out-of-bounds read in the http parser transfer encoding chunked function mk server/mk http parser.c of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted POST request to the server...

AI score 6 | EPSS 0.00952
Exploits: 1 | References: 3

OSV
added 2026/01/28 9:5 a.m. | 6 views

RLSA-2026:1374 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 7.5 | AI score 5.9 | EPSS 0.01468
Exploits: 0 | References: 3

Vulnrichment
added 2026/01/27 6:27 p.m. | 4 views

CVE-2026-22263 Suricata http1: quadratic complexity in headers parsing over multiple packets

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available...

CVSS 5.3 | AI score 5.9 | EPSS 0.00401
Exploits: 0 | References: 3

NCSC
added 2026/01/21 10:6 a.m. | 12 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in Oracle Enterprise Manager Base Platform and Oracle Application Testing Suite. The vulnerabilities allow unauthenticated attackers to gain unauthorized access, or can lead to a partial denial-of-service over HTTP. Oracle has released updates to fix the...

CVSS 7.2 | AI score 8.4 | EPSS 0.02164
Exploits: 0 | References: 1

NVD
added 2026/01/20 10:16 p.m. | 6 views

CVE-2026-21970

Vulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences Applications component: Platform. The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Life...

CVSS 6.5 | EPSS 0.00246
Exploits: 0 | References: 1

ATTACKERKB
added 2026/01/20 9:56 p.m. | 2 views

CVE-2026-21973

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications component: Security Management System. Supported versions that are affected are 14.5.0.15.0, 14.7.0.8.0 and 14.8.0.1.0. Easily exploitable vulnerability allows low privileged attacker with...

CVSS 8.1 | AI score 7.3 | EPSS 0.00265
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2026/01/20 12:0 a.m. | 4 views

Oracle Supply Chain security vulnerabilities

Oracle Supply Chain is a supply chain solution developed by Oracle Corporation in the United States. This product offers features such as value chain planning, value chain execution, and product lifecycle management. The version 9.3.6 of Oracle Agile PLM in Oracle Supply Chain contains a security...

CVSS 7.5 | AI score 7.1 | EPSS 0.00346
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

MiracleLinux 8 : haproxy-1.8.23-3.el8 (AXSA:2020-267:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-267:02 advisory. haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated chunked value CVE-2019-18277 haproxy: HTTP/2...

CVSS 9.8 | AI score 5.7 | EPSS 0.10024
Exploits: 1 | References: 3

OSV
added 2026/01/12 7:16 p.m. | 3 views

UBUNTU-CVE-2026-22776

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service (DoS) vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies (Content-Encoding: gzip, br, etc.). The library validates the...

CVSS 8.7 | AI score 5.6 | EPSS 0.00353
Exploits: 1 | References: 3

RedhatCVE
added 2026/01/09 11:19 a.m. | 5 views

CVE-2021-22766

A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 Versions 3.0.0 and newer and PowerLogic EGX300 All Versions that could cause denial of service via a specially crafted HTTP packet...

CVSS 7.5 | AI score 6.7 | EPSS 0.01279
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:20 a.m. | 5 views

CVE-2021-2375

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. Supported versions that are affected are 9.2.5.3 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

CVSS 6.1 | AI score 5.5 | EPSS 0.01032
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 8:51 a.m. | 6 views

CVE-2021-2029

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Miscellaneous. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting...

CVSS 9.8 | AI score 6.8 | EPSS 0.01665
Exploits: 0 | References: 1

Cvelist
added 2025/12/22 2:2 a.m. | 28 views

CVE-2025-15008 Tenda WH450 HTTP Request L7Port stack-based overflow

A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now publ...

CVSS 7.5 | EPSS 0.0046
Exploits: 1 | References: 6

Hacker One
added 2025/12/19 7:22 a.m. | 18 views

curl: Unbounded memory consumption via compressed HTTP responses (gzip/brotli/zstd)

During a review of curl's handling of response decompression, it was noticed that no limit exists on the final uncompressed data volume from compressed HTTP replies. Instead of setting constraints, the current design allows indefinite expansion during processing. This absence of limits could lead...

AI score 7.2
Exploits: 0

OSV
added 2025/12/15 3:5 p.m. | 7 views

USN-7932-1 libsoup3 vulnerability

It was discovered libsoup incorrectly handled memory when handling specific HTTP/2 read and cancel sequences. An attacker could possibly use this issue to cause a denial of service...

CVSS 7.5 | AI score 5.8 | EPSS 0.00416
Exploits: 0 | References: 2