Lucene search
K

19052 matches found

AlpineLinux
AlpineLinux
added 2026/06/25 11:57 a.m.4 views

CVE-2026-42005

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

4.3CVSS5.9AI score0.00479EPSS
Exploits0
CVE
CVE
added 2026/06/25 11:57 a.m.13 views

CVE-2026-42005

CVE-2026-42005 describes a vulnerability where an attacker can send a web request that triggers unlimited memory allocation in the internal web server, causing denial of service. The affected component is the internal web server; root cause is uncontrolled memory growth when processing requests. ...

4.3CVSS5.9AI score0.00479EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 11:57 a.m.5 views

CVE-2026-42005

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

4.3CVSS5.9AI score0.00479EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 12:33 a.m.5 views

EUVD-2026-39109

Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within ToggleState.php...

8.8CVSS7.8AI score0.01126EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52469

Name of the Vulnerable Software and Affected Versions K2 affected versions not specified Description The frontend article-attachment upload path allows the upload of files with the .php extension. When used with Apache's standard mod php, which matches the .php$ pattern, these files are executed...

6.3CVSS6.1AI score0.00167EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 10:16 p.m.8 views

CVE-2026-9772

Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within FileUpload.php. T...

8.8CVSS0.01114EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 10:16 p.m.7 views

CVE-2026-9773

Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within ToggleState.php...

8.8CVSS0.01126EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 9:35 p.m.16 views

CVE-2026-9772

Unraid Web Server FileUpload Command Injection (CVE-2026-9772) allows authenticated attackers to execute arbitrary code on affected installations via a crafted FileUpload.php input, executing a system call as www-data. Root cause: insufficient validation of a user-supplied string before a system ...

8.8CVSS7.8AI score0.01114EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/24 9:35 p.m.20 views

CVE-2026-9772 Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability

Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within FileUpload.php. T...

8.8CVSS0.01114EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 12:0 a.m.3 views

ALSA-2026:28921 Important: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 For more details about the security issues, including the impac...

9.2CVSS6.3AI score0.04261EPSS
Exploits3References4
AlmaLinux
AlmaLinux
added 2026/06/24 12:0 a.m.5 views

Important: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 For more details about the security issues, including the impac...

9.2CVSS6.3AI score0.04261EPSS
Exploits3References4
AlmaLinux
AlmaLinux
added 2026/06/24 12:0 a.m.6 views

Important: nginx:1.26 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 For more details about the security issues, including the impac...

9.2CVSS6.3AI score0.04261EPSS
Exploits3References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 5:57 p.m.3 views

Security Bulletin:IBM HTTP Server shipped with IBM OpenPages is vulnerable to multiple vulnerabilities

Summary IBM HTTP Server used by IBM WebSphere Application Server, that is shipped as a supporting program of IBM OpenPages. Information about multiple vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. These products have addressed the applicable CVEs. For a...

9.8CVSS6.8AI score0.00488EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 4:5 p.m.3 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM WebSphere Remote Server

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server and WebSphere Application Server Liberty have been published in a security bulletin...

9.8CVSS5.8AI score0.00409EPSS
Exploits0Affected Software1
Nuclei
Nuclei
added 2026/06/23 5:8 a.m.16 views

Blueimp jQuery-File-Upload v9.22.0 - Unrestricted File Upload

Blueimp jQuery-File-Upload v9.22.0 contains an unauthenticated arbitrary file upload caused by insufficient validation in the upload component, letting remote attackers upload malicious files, exploit requires no authentication. id: CVE-2018-9206 info: name: Blueimp jQuery-File-Upload v9.22.0 -...

9.8CVSS7.5AI score0.97107EPSS
Exploits15References4
CVE
CVE
added 2026/06/23 12:53 a.m.41 views

CVE-2026-11833

CVE-2026-11833 affects FAST/TOOLS (RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) from R9.01 to R10.04 and CI Server (all packages) from R1.01 to R1.04. The web server may return a response containing CI Server setting information, which could be exploited by an attacker for other attacks. The CVSS4 scor...

8.2CVSS5.7AI score0.00217EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 12:0 a.m.3 views

ALSA-2026:28212 Important: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 For more details about the security issues, including the impac...

9.2CVSS6.3AI score0.04261EPSS
Exploits3References4
NVD
NVD
added 2026/06/22 11:16 p.m.9 views

CVE-2026-48746

vLLM is an inference and serving engine for large language models LLMs. From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing t...

9.1CVSS0.0086EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/06/22 9:57 p.m.3 views

CVE-2026-48746 vLLM: OpenAI auth bypass

vLLM is an inference and serving engine for large language models LLMs. From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing t...

9.1CVSS5.9AI score0.0086EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/22 9:57 p.m.73 views

CVE-2026-48746 vLLM: OpenAI auth bypass

vLLM is an inference and serving engine for large language models LLMs. From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing t...

9.1CVSS0.0086EPSS
Exploits0References3
Rows per page
Query Builder