VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1560 advisories across 32 monitored vendors.
Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters (e.g., a very large time range combined with a minimal interval). This forces the DataNode to build an enormous result set in memory, which exhausts the Java heap and causes the DataNode process to crash. This issue affects Apache IoTDB: from 1.3.3 before 2.0.8. Users are recommended to upgrade to version 2.0.8, which fixes the issue.
Unbounded GraphQL query depth allows authenticated denial of service. Red Hat rates this important (CVSS 7.7). Weakness: CWE-400. Red Hat lists fixing advisory RHSA-2026:36319 with package advanced-cluster-security/rhacs-main-rhel8:1783357140, advanced-cluster-security/rhacs-main-rhel9:1783352589, advanced-cluster-security/rhacs-main-rhel8:1783357116.
Apache Camel JMS components: Arbitrary Exchange state injection. Red Hat rates this important (CVSS 8.1). Weakness: CWE-502.
Server-Side Request Forgery and sensitive data exposure. Red Hat rates this important (CVSS 8.2). Weakness: CWE-918.
Remote attacker can execute unintended operations via header manipulation. Red Hat rates this important (CVSS 7.5). Weakness: CWE-639.
Credential exposure and information disclosure via improper input validation of mail headers. Red Hat rates this moderate (CVSS 7.5). Weakness: CWE-918.
Apache Camel (camel-vertx-http): Remote Code Execution via Deserialization of Untrusted Data. Red Hat rates this important (CVSS 8.1). Weakness: CWE-502.
Crypt::DSA: Crypt::DSA: Private key recovery due to biased random number generation. Red Hat rates this important (CVSS 7.5). Weakness: CWE-338.
Arbitrary code execution via pickle deserialization bypass. Red Hat rates this important (CVSS 8.8). Weakness: CWE-693.
Arbitrary code execution due to incomplete denylist in deserialization. Red Hat rates this important (CVSS 8.8). Weakness: CWE-184.
Arbitrary Code Execution via Untrusted JAR File Loading. Red Hat rates this important (CVSS 7.8). Weakness: CWE-347.
In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In __ip6_append_data(), when the paged-allocation branch is taken (MSG_MORE / NETIF_F_SG / large fraglen), alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen; pagedlen = datalen - transhdrlen; datalen already includes fraggap (datalen = length + fraggap). When fraggap is non-zero, this is not the first skb and transhdrlen is zero. The fraggap bytes carried over from the previous skb are copied just past the fragment headers in the new skb's linear area. The linear area is therefore undersized by fraggap bytes while pagedlen is overstated by the same amount, and the copy writes past skb->end into the trailing skb_shared_info. An unprivileged user can trigger this via a UDPv6 socket using MSG_MORE together with MSG_SPLICE_PAGES. The bad accounting was introduced by commit 773ba4fe9104 ("ipv6: avoid partial copy for zc"). Before commit ce650a166335 ("udp6: Fix __ip6_append_data()'s handling of MSG_SPLICE_PAGES"), the negative copy value caused -EINVAL to be returned. That later commit allowed MSG_SPLICE_PAGES to proceed in this case, making the corruption triggerable. After this adjustment, copy no longer collapses to -fraggap on the paged path, so remove the stale comment describing that old arithmetic.
Require in-GHCB scratch area if GHCB v2+ is in use. Red Hat rates this important (CVSS 7). Weakness: CWE-787.
Fix shadow paging use-after-free due to unexpected role. Red Hat rates this important (CVSS 7.8). Weakness: CWE-825. Red Hat lists fixing advisory RHSA-2026:36957 with package kernel-0:6.12.0-211.32.1.el10_2, kernel-0:5.14.0-427.137.1.el9_4, kernel-0:5.14.0-687.24.1.el9_8. Affected products named by the advisory: Red Hat Enterprise Linux 1; Red Hat Enterprise Linux 9.
In the Linux kernel, the following vulnerability has been resolved: af_unix: Set gc_in_progress to true in unix_gc(). Igor Ushakov reported that unix_gc() could run with gc_in_progress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unix_schedule_gc() unix_schedule_gc() `- if (!gc_in_progress) `- if (!gc_in_progress) |- gc_in_progress = true | `- queue_work() | unix_gc() <----------------/ | | |- gc_in_progress = true ... `- queue_work() | | `- gc_in_progress = false | | unix_gc() <---------------------------------------------' | ... /* gc_in_progress == false */ | `- gc_in_progress = false unix_peek_fpl() relies on gc_in_progress not to confuse GC by MSG_PEEK. A race condition exists within the `unix_gc()` garbage collection function where the `gc_in_progress` flag may not be correctly set. This could lead to `unix_peek_fpl()` misinterpreting garbage collection status when handling `MSG_PEEK` operations, potentially causing unexpected behavior or information disclosure to a local attacker. Red Hat severity: Moderate — CVSS 7 (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H). Weakness: CWE-366. Affected Red Hat products: Red Hat Enterprise Linux 10. Red Hat does not currently list a fixing RHSA for this CVE.
Arbitrary code execution via deserialization vulnerability. Red Hat rates this important (CVSS 8.8). Weakness: CWE-502.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene. Net (Lucene. Net.Replicator library). This issue affects Apache Lucene. Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes the issue.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene. Net (Lucene. Net.Replicator library). This issue affects Apache Lucene. Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes the issue.
Man-in-the-middle attack via SSH host key bypass. Red Hat rates this important (CVSS 7.4). Weakness: CWE-347. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Information disclosure due to persistent Referer header. Red Hat rates this important (CVSS 7.5). Weakness: CWE-201. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.