Lucene search
K

685 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-20502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Bento4 1.5.1-627. There is an attempt at excessive memory allocation in the AP4DataBuffer class when called from AP4HvccAtom::Create ...

6.5CVSS6.4AI score0.01053EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-20095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as...

6.5CVSS6.4AI score0.01157EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:40 a.m.2 views

Excessive memory allocation in net/http and net/textproto

...

7.5CVSS9.3AI score0.01888EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-20019

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attempted excessive memory allocation was discovered in MatVarRead5 in mat5.c in matio 1.5.17. CVE-2019-20019 Note that Nessus relies on the presence of the...

6.5CVSS6.6AI score0.00856EPSS
Exploits1References3
NVD
NVD
added 2025/08/06 12:15 a.m.6 views

CVE-2025-54884

Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 packaged in Vision UI 1.4.0 and below are vulnerable to Denial of Service DoS...

8.7CVSS0.00371EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/04 12:0 a.m.7 views

PT-2025-32167 · Nvidia · Nvidia Triton Inference Server

Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server for Windows and Linux affected versions not specified Description: NVIDIA Triton Inference Server contains an issue where a user can trigger a segmentation fault by submitting an invalid request that causes...

7.8CVSS6.2AI score0.00556EPSS
Exploits0References5
OSV
OSV
added 2025/07/29 1:40 p.m.15 views

RLSA-2025:3344 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.8AI score0.00693EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2025/07/29 1:40 p.m.4 views

grafana security update

An update is available for grafana. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...

7.5CVSS7.2AI score0.00693EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.7 views

PT-2025-30614

Name of the Vulnerable Software and Affected Versions Redis versions through 7.4.3 Description Redis allows excessive memory consumption via a multi-bulk command consisting of numerous bulks sent by an authenticated user. The server allocates memory for command arguments for each bulk, even if th...

7.8CVSS6.5AI score0.03877EPSS
Exploits4References23
Tenable Nessus
Tenable Nessus
added 2025/06/20 12:0 a.m.12 views

Apache Tomcat 11.0.0-M1 < 11.0.8 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.106, 10.1.0-M1 prior to 10.1.42 or 11.0.0-M1 prior to 11.0.8. It is, therefore, affected by multiple vulnerabilities : - A race condition on connection close could trigger a JVM crash when using the APR/Native...

8.4CVSS7.5AI score0.64718EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/06/19 12:8 a.m.7 views

CVE-2025-45526

A denial of service DoS vulnerability has been identified in the JavaScript library microlight version 0.0.7. This library, used for syntax highlighting, does not limit the size of textual content it processes in HTML elements with the microlight class. When excessively large content e.g., 100...

2.9CVSS4AI score0.00123EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 12:0 a.m.10 views

CVE-2025-45526

A denial of service DoS vulnerability has been identified in the JavaScript library microlight version 0.0.7. This library, used for syntax highlighting, does not limit the size of textual content it processes in HTML elements with the microlight class. When excessively large content e.g., 100...

2.9CVSS0.00123EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/15 2:25 p.m.4 views

CVE-2025-21085 PingFederate OAuth Grant attribute duplication may use excessive memory

PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization...

2.1CVSS7.1AI score0.00288EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/15 2:25 p.m.18 views

CVE-2025-21085 PingFederate OAuth Grant attribute duplication may use excessive memory

PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization...

2.1CVSS0.00288EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/13 10:18 a.m.15 views

Security Bulletin: The Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree (AST) node for each part of the expression, affects watsonx.data

Summary In scenarios where input size isn't limited, a malicious or inadvertent extremely large expression can consume excessive memory as the parser builds a huge AST. This can ultimately lead toexcessive memory usage and an Out-Of-Memory OOM crash of the process. This issue is relatively uncomm...

7.5CVSS7.4AI score0.00577EPSS
Exploits0Affected Software1
Slackware Linux
Slackware Linux
added 2025/06/05 12:8 a.m.15 views

[slackware-security] python3

New python3 packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/python3-3.9.23-i586-1slack15.0.txz: Upgraded. This update fixes security issues: gh-135034: CVE-2024-12718 CVE-2025-4138 CVE-2025-433...

9.4CVSS7AI score0.01184EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2025/06/05 12:0 a.m.5 views

RHEL 10 : osbuild-composer (RHSA-2025:7503)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7503 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...

7.5CVSS7.3AI score0.00693EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/06/05 12:0 a.m.9 views

RHEL 10 : grafana (RHSA-2025:7475)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7475 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-jwt/jwt: jwt-go...

7.5CVSS7.3AI score0.00693EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/28 12:0 a.m.9 views

RHEL 9 : osbuild-composer (RHSA-2025:8267)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8267 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...

7.5CVSS7.3AI score0.00693EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.6 views

RHEL 9 : osbuild-composer (RHSA-2025:7425)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7425 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...

7.5CVSS7.3AI score0.00693EPSS
Exploits0References4
Rows per page
Query Builder