Lucene search
K

685 matches found

RedHat Linux
RedHat Linux
added 2025/05/05 2:35 p.m.20 views

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS6.8AI score0.00693EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/26 12:0 a.m.8 views

CVE-2025-46656

python-markdownify aka markdownify before 0.14.1 allows large headline prefixes such as in addition to through . This causes memory consumption...

2.9CVSS6.8AI score0.00181EPSS
Exploits1References2
Veracode
Veracode
added 2025/04/24 4:55 p.m.10 views

XML Entity Expansion (XEE)

org.apache.solr, solr-core is vulnerable to an XML Entity Expansion XEE. The vulnerability is due to XML resource consumption caused by the use of XML DOCTYPE and ENTITY declarations, which allows an attacker to trigger excessive memory usage during XML parsing, leading to out-of-memory errors...

7.5CVSS6.6AI score0.07505EPSS
Exploits1References13Affected Software1
RedHat Linux
RedHat Linux
added 2025/04/23 12:41 p.m.15 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.26 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.26 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

7.5CVSS7.2AI score0.01325EPSS
Exploits0References13
Ubuntu
Ubuntu
added 2025/04/14 12:21 a.m.18 views

USN-7433-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick did not properly limit image dimensions, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. CVE-2025-27795 It was discovered that GraphicsMagick did not properly handle certain memory...

9.8CVSS5AI score0.00413EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.11 views

RHEL 9 : grafana (RHSA-2025:3616)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3616 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-jwt/jwt: jwt-go...

7.5CVSS7.3AI score0.00693EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.13 views

RHEL 9 : grafana (RHSA-2025:3618)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3618 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-jwt/jwt: jwt-go...

7.5CVSS7.3AI score0.00693EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/04/10 12:0 a.m.5 views

CBL Mariner 2.0 Security Update: gdb (CVE-2022-48064)

The version of gdb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48064 advisory. - GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the functi...

5.5CVSS5.8AI score0.0059EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/04/09 8:55 p.m.13 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.50 bug fix and security update

Red Hat OpenShift Container Platform release 4.14.50 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

9.8CVSS6.9AI score0.0113EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2025/04/09 4:47 a.m.21 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.24 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.24 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

7.5CVSS6.8AI score0.00693EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/04/07 2:7 a.m.4 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.8AI score0.00693EPSS
Exploits0References2
Veracode
Veracode
added 2025/04/03 2:50 a.m.10 views

Out Of Memory Error

org.keycloak, keycloak-services is vulnerable to an Out Of Memory Error. The vulnerability is due to unbounded caching of JWT tokens with long expiration times, causing excessive memory consumption and potential system failure. It allows an attacker to cause a Denial of Service DoS by exhausting...

4.9CVSS6.9AI score0.00654EPSS
Exploits0References6Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/04/01 7:0 a.m.3 views

jwt-go allows excessive memory allocation during header parsing

...

7.5CVSS7.2AI score0.00693EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.21 views

Amazon Linux 2 : runfinch-finch (ALASDOCKER-2025-053)

The version of runfinch-finch installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-053 advisory. SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients...

8.7CVSS7.1AI score0.00868EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.16 views

Amazon Linux 2023 : runfinch-finch (ALAS2023-2025-914)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-914 advisory. SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to b...

8.7CVSS7.1AI score0.00868EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/03/27 3:46 p.m.19 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS6.8AI score0.01261EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2025/03/27 12:0 a.m.17 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 For more details about the security issues, including the impact, a CVSS...

7.5CVSS6.8AI score0.00693EPSS
Exploits0References4
OSV
OSV
added 2025/03/26 5:24 p.m.15 views

GO-2025-3553 Excessive memory allocation during header parsing in github.com/golang-jwt/jwt

Excessive memory allocation during header parsing in github.com/golang-jwt/jwt...

7.5CVSS7.5AI score0.00693EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/21 9:42 p.m.135 views

CVE-2025-30204 jwt-go allows excessive memory allocation during header parsing

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

7.5CVSS0.00693EPSS
Exploits0References3
OSV
OSV
added 2025/03/20 12:32 p.m.12 views

GHSA-V464-R2R9-WWW7 Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP

An Out-Of-Memory OOM vulnerability exists in the ollama server version 0.3.14. This vulnerability can be triggered when a malicious API server responds with a gzip bomb HTTP response, leading to the ollama server crashing. The vulnerability is present in the makeRequestWithRetry and...

7.5CVSS6.9AI score0.00672EPSS
Exploits2References3
Rows per page
Query Builder