Lucene search
K

19026 matches found

CNNVD
CNNVD
added 2026/04/23 12:0 a.m.7 views

Zurich Instruments LabOne Web Server 路径遍历漏洞

Zurich Instruments LabOne Web Server is a web service component provided by the Swiss company Zurich Instruments. It serves for instrument control, data acquisition, and visualization interface operations. The Zurich Instruments LabOne Web Server has a path traversal vulnerability, which stems fr...

8.7CVSS5.8AI score0.00335EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.14 views

PT-2026-34653

The LabOne Web Server, backing the LabOne User Interface, contains insufficient input validation in its file access functionality. An unauthenticated attacker could exploit this vulnerability to read arbitrary files on the host system that are accessible to the operating system user running the...

8.7CVSS5.9AI score0.00335EPSS
Exploits0References3
OSV
OSV
added 2026/04/22 2:52 p.m.9 views

GHSA-2R2P-4CGF-HV7H engram: HTTP server CORS wildcard + auth-off-by-default enables CSRF graph exfiltration and persistent indirect prompt injection

Summary The local HTTP server started by engram server binding 127.0.0.1:7337 by default was exposed to any browser origin with no authentication unless ENGRAMAPITOKEN was explicitly set. Combined with Access-Control-Allow-Origin: on every response and a body parser that did not require...

8.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 2026/04/22 12:30 p.m.5 views

EUVD-2026-24719

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00606EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/22 12:30 p.m.8 views

EUVD-2026-24720

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00514EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/22 12:30 p.m.4 views

EUVD-2026-24725

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00524EPSS
Exploits0References4
NVD
NVD
added 2026/04/22 10:16 a.m.6 views

CVE-2026-33256

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS0.00606EPSS
Exploits0References1
NVD
NVD
added 2026/04/22 10:16 a.m.9 views

CVE-2026-33257

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS0.00514EPSS
Exploits0References3
NVD
NVD
added 2026/04/22 10:16 a.m.5 views

CVE-2026-33260

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS0.00524EPSS
Exploits0References3
OSV
OSV
added 2026/04/22 10:16 a.m.8 views

DEBIAN-CVE-2026-33256

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS5.4AI score0.00606EPSS
Exploits0References1
CVE
CVE
added 2026/04/22 9:39 a.m.30 views

CVE-2026-33260

CVE-2026-33260 describes an input-validation flaw in the internal web server that can cause unlimited memory allocation when processing a web request, resulting in denial of service. The issue is documented across multiple feeds (NVD, ENISA EUVD, Debian OSV, CIRCL, etc.), all noting that the inte...

7.5CVSS5.8AI score0.00524EPSS
Exploits0References3Affected Software3
Vulnrichment
Vulnrichment
added 2026/04/22 9:39 a.m.6 views

CVE-2026-33260 Insufficient input validation of internal webserver

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00524EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/22 9:39 a.m.6 views

CVE-2026-33260

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00524EPSS
Exploits0References4Affected Software3
Cvelist
Cvelist
added 2026/04/22 9:39 a.m.28 views

CVE-2026-33260 Insufficient input validation of internal webserver

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS0.00524EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/22 9:39 a.m.5 views

CVE-2026-33260

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS5.8AI score0.00524EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/22 9:37 a.m.3 views

CVE-2026-33257 Insufficient input validation of internal webserver

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00514EPSS
Exploits0References3
CVE
CVE
added 2026/04/22 9:37 a.m.21 views

CVE-2026-33257

The CVE-2026-33257 issue enables an attacker to send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default. In the provided documents, no concrete product/vendor/version, root cause details ...

7.5CVSS5.8AI score0.00514EPSS
Exploits0References3Affected Software3
AlpineLinux
AlpineLinux
added 2026/04/22 9:37 a.m.3 views

CVE-2026-33257

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS5.8AI score0.00514EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/22 9:37 a.m.29 views

CVE-2026-33256 Unbounded memory allocation by internal web server

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS0.00606EPSS
Exploits0References1
CVE
CVE
added 2026/04/22 9:37 a.m.14 views

CVE-2026-33256

CVE-2026-33256 affects PowerDNS Recursor: an attacker can send a network web request that triggers unbounded memory allocation in the internal web server, causing a denial of service. The internal web server is disabled by default, mitigating some exposure. Public sources (NVD, Red Hat, Debian, E...

7.5CVSS5.8AI score0.00606EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder