
201 matches found

SUSE CVE
added 2025/11/28 12:22 a.m. | 5 views

SUSE CVE-2025-64333

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged, can cause a stack overflow, crashing Suricata. This issue has been patched in versions...

7.5 CVSS | 6.8 AI score | 0.00278 EPSS
Exploits: 0 | References: 3
Cvelist
added 2025/11/26 10:57 p.m. | 7 views

CVE-2025-64333 Suricata is vulnerable to a stack overflow from big content-type

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged, can cause a stack overflow, crashing Suricata. This issue has been patched in versions...

7.5 CVSS | 0.00278 EPSS
Exploits: 0 | References: 1
CVE
added 2025/11/26 10:57 p.m. | 19 views

CVE-2025-64333

CVE-2025-64333 : Suricata before 7.0.13 and 8.0.2 can stack overflow when logging a large HTTP content type; patched in 7.0.13/8.0.2. Workarounds include limiting stream.reassembly.depth to less than half the stack size; increasing process stack size reduces trigger likelihood.

7.5 CVSS | 6.4 AI score | 0.00278 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
RedHat Linux
added 2025/11/12 12:40 a.m. | 5 views

kernel: eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion. Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is loop-free and does some recursion depth checks, but...

5.5 CVSS | 5.7 AI score | 0.00153 EPSS
Exploits: 0 | References: 5
Positive Technologies
added 2025/11/06 12:0 a.m. | 6 views

PT-2025-48206

Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.13; Suricata versions prior to 8.0.2. Description: Suricata, a network IDS, IPS and NSM engine, is susceptible to a stack overflow when logging large HTTP content types. This can lead to Suricata crashing. A...

7.8 CVSS | 6.8 AI score | 0.01172 EPSS
Exploits: 3 | References: 59
AstraLinux
added 2025/11/01 10:54 a.m. | 5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: eventpoll: Fixed semi-unbounded recursion. Ensured that epoll instances never form a graph with more than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is free of loops and performs some recursion depth...

5.5 CVSS | 6.4 AI score | 0.00153 EPSS
Exploits: 0 | References: 3
RedHat Linux
added 2025/10/20 10:1 a.m. | 3 views

kernel: eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion. Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is loop-free and does some recursion depth checks, but...

5.5 CVSS | 5.7 AI score | 0.00153 EPSS
Exploits: 0 | References: 5
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2018-20850

Malware in sbrugna...

7.5 CVSS | 7.6 AI score | 0.02337 EPSS
Exploits: 1 | References: 7
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2018-17115

Malware in sbrugna...

7.5 CVSS | 7.6 AI score | 0.02692 EPSS
Exploits: 0 | References: 10
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-25367

Malicious code in bioql PyPI...

6.3 AI score | 0.00153 EPSS
Exploits: 0 | References: 7
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-54289

Malicious code in bioql PyPI...

5.7 CVSS | 6.6 AI score | 0.00319 EPSS
Exploits: 0 | References: 3
Positive Technologies
added 2025/09/30 12:0 a.m. | 3 views

PT-2025-40041

Finance.js v4.1.0 contains a Denial of Service (DoS) vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive CPU usage, causing application stalls or crashes...

7.5 CVSS | 6.9 AI score | 0.00502 EPSS
Exploits: 0 | References: 6
Veracode
added 2025/09/23 9:54 a.m. | 4 views

Query Depth Restriction Bypass

@escape.tech/graphql-armor-max-depth is vulnerable to query depth restriction bypass. The vulnerability is due to the ignoreIntrospection option being enabled by default, which allows an attacker to bypass the max-depth restriction by naming a query or fragment schema...

7 AI score
Exploits: 0 | References: 3 | Affected Software: 1
RedhatCVE
added 2025/09/15 6:59 a.m. | 4 views

CVE-2025-59375

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion...

7.5 CVSS | 6.7 AI score | 0.01279 EPSS
Exploits: 1 | References: 7
Snyk
added 2025/08/26 6:42 p.m. | 3 views

Allocation of Resources Without Limits or Throttling

Overview: @escape.tech/graphql-armor-max-depth is a package that limits the depth allowed in a GraphQL query. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the countDepth function when the ignoreIntrospection configuration is enabled. An attacker ca...

6.9 CVSS | 6.9 AI score
Exploits: 0 | References: 2
NVD
added 2025/08/25 3:15 p.m. | 3 views

CVE-2025-5302

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

8.6 CVSS | 0.0026 EPSS
Exploits: 0 | References: 2
CVE
added 2025/08/19 5:3 p.m. | 49 views

CVE-2025-38614

The CVE-2025-38614 entry describes a Linux kernel vulnerability in eventpoll where recursion depth in ep_loop_check_proc() could form deep trees and trigger semi-unbounded recursion. The root cause involved two shortcomings: (1) the depth checks did not consider upward paths, and (2) multiple dow...

5.5 CVSS | 7 AI score | 0.00153 EPSS
Exploits: 0 | References: 10 | Affected Software: 1
OSV
added 2025/08/19 5:3 p.m. | 9 views

CVE-2025-38614 eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion. Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is loop-free and does some recursion depth checks, but...

5.5 CVSS | 6.1 AI score | 0.00153 EPSS
Exploits: 0 | References: 11
Tenable Nessus
added 2025/08/11 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-52999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a...

8.7 CVSS | 6.6 AI score | 0.00634 EPSS
Exploits: 0 | References: 3
Amazon
added 2025/08/08 12:0 a.m. | 4 views

Medium: jackson-core

Issue Overview: jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth...

8.7 CVSS | 6.8 AI score | 0.00634 EPSS
Exploits: 0