
39 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 6 views

Astra Linux - vulnerability in linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: The issue in fdt: fix off-by-one error in unflatten_dt_nodes. Commit 78c44d910d3e “drivers/of: Fix depth when unflattening devicetree” forgot to fix the depth check in the loop body of unflatten_dt_nodes. This could lead to an overflo...

7.8 CVSS | 6.2 AI score | 0.00019 EPSS
Exploits 0 | References 2

Github Security Blog
added 2026/05/18 8:37 p.m. | 22 views

ImageMagick: Stack overflow in fx operation

Due to a missing depth check a stack overflow can occur in the fx operation by passing a crafted argument...

5.9 AI score
Exploits 0 | References 2 | Affected Software 18

OSV
added 2026/05/18 8:37 p.m. | 4 views

GHSA-RCR6-G7JC-F57G ImageMagick: Stack overflow in fx operation

Due to a missing depth check a stack overflow can occur in the fx operation by passing a crafted argument...

6.2 CVSS | 5.9 AI score
Exploits 0 | References 2

Positive Technologies
added 2026/05/18 12:0 a.m. | 8 views

PT-2026-41804

Due to a missing depth check a stack overflow can occur in the fx operation by passing a crafted argument...

6.2 CVSS | 5.9 AI score
Exploits 0 | References 3

Positive Technologies
added 2026/03/06 12:0 a.m. | 1 views

PT-2026-23759

Name of the Vulnerable Software and Affected Versions: Mercurius versions prior to 16.8.0. Description: Mercurius does not properly enforce the configured queryDepth limit on GraphQL subscription queries received over WebSocket connections. The depth check functions as expected for HTTP queries and...

8.2 CVSS | 5.8 AI score | 0.0002 EPSS
Exploits 0 | References 10

CVE
added 2026/02/10 6:52 p.m. | 15 views

CVE-2026-1849

MongoDB Server is affected by an out-of-memory failure triggered while evaluating expressions that produce deeply nested documents. The root cause is that recursive functions do not periodically check expression depth, allowing unbounded nesting to exhaust memory. Impact is Availability (high) wi...

7.5 CVSS | 5.5 AI score | 0.00077 EPSS
Exploits 0 | References 1 | Affected Software 1

MongoDB
added 2026/02/10 6:52 p.m. | 7 views

Mongod can run out of stack memory when expressions create deeply nested documents

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression...

7.5 CVSS | 5.5 AI score | 0.00077 EPSS
Exploits 0 | References 1 | Affected Software 1

OSV
added 2026/01/05 10:29 a.m. | 3 views

CLSA-2026-1767608985 libxml2: Fix of CVE-2025-9714

CVE-2025-9714: fix XPath depth check to work with recursive invocations...

6.2 CVSS | 6.1 AI score | 0.00011 EPSS
Exploits 0 | References 1

RedHat Linux
added 2025/12/01 3:32 a.m. | 4 views

libxslt: libxml2: Infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c

A flaw was found in libxslt/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map', leading to stack exhaustion and a local denial of service...

6.2 CVSS | 5.7 AI score | 0.00011 EPSS
Exploits 0 | References 6

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-3088

Malware in sbrugna...

7.5 CVSS | 6.4 AI score | 0.00839 EPSS
Exploits 0 | References 10

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-20074

Malicious code in bioql PyPI...

7.6 AI score | 0.00067 EPSS
Exploits 0 | References 4

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-25367

Malicious code in bioql PyPI...

6.3 AI score | 0.00033 EPSS
Exploits 0 | References 7

SUSE CVE
added 2025/09/04 11:23 p.m. | 2 views

SUSE CVE-2025-38710

In the Linux kernel, the following vulnerability has been resolved: gfs2: Validate i_depth for exhash directories. A fuzzer test introduced corruption that ends up with a depth of 0 in dir_e_read, causing an undefined shift by 32 at: index = hash >> (32 - dip->i_depth); As calculated in an open-coded way in...

6.4 CVSS | 6.5 AI score | 0.00019 EPSS
Exploits 0 | References 13

Tenable Nessus
added 2025/08/07 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-22079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: validate l_tree_depth to avoid out-of-bounds access. The l_tree_depth field is 16-bit (__le16), but the actual maximum depth is limited to OCFS2_MAX_PATH_DEPTH. Add ...

7.1 CVSS | 6.8 AI score | 0.00011 EPSS
Exploits 0 | References 2

RedhatCVE
added 2025/07/06 2:14 p.m. | 2 views

CVE-2025-38182

In the Linux kernel, the following vulnerability has been resolved: ublk: sanitize the arguments from userspace when adding a device. Sanity check the values for queue depth and number of queues we get from userspace when adding a device...

6.6 CVSS | 6.6 AI score | 0.00067 EPSS
Exploits 0 | References 4

OSV
added 2025/07/04 2:15 p.m. | 1 views

AZL-64731 CVE-2025-38182 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: ublk: sanitize the arguments from userspace when adding a device. Sanity check the values for queue depth and number of queues we get from userspace when adding a device...

7.8 CVSS | 5.6 AI score | 0.00067 EPSS
Exploits 0 | References 1

Cvelist
added 2025/07/04 1:37 p.m. | 6 views

CVE-2025-38182 ublk: sanitize the arguments from userspace when adding a device

In the Linux kernel, the following vulnerability has been resolved: ublk: sanitize the arguments from userspace when adding a device. Sanity check the values for queue depth and number of queues we get from userspace when adding a device...

0.00067 EPSS
Exploits 0 | References 4

OSV
added 2025/04/16 3:16 p.m. | 0 views

UBUNTU-CVE-2025-22079

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate l_tree_depth to avoid out-of-bounds access. The l_tree_depth field is 16-bit (__le16), but the actual maximum depth is limited to OCFS2_MAX_PATH_DEPTH. Add a check to prevent out-of-bounds access if l_tree_depth has an invalid...

7.1 CVSS | 6.2 AI score | 0.00011 EPSS
Exploits 0 | References 50

Tenable Nessus
added 2025/03/05 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-48672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes. Commit 78c44d910d3e drivers/of: Fix depth...

7.8 CVSS | 6.1 AI score | 0.00019 EPSS
Exploits 0 | References 3

Snyk
added 2025/03/01 6:38 a.m. | 2 views

Uncontrolled Recursion

Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion due to a missing maximum tree depth check in emitter functions. Remediation: Upgrade rapidyaml to version 0.7.0 or higher. References: GitHub Commit, GitHub PR...

6.9 CVSS | 6.8 AI score
Exploits 0 | References 3