11140 matches found

SUSE Linux
added 2025/08/14 3:9 p.m. · 2 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access (bsc1246530); CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop (bsc1246531); CVE-2025-53019: Fixed format specifiers in a filename...

CVSS 8.3 · AI score 7.2 · EPSS 0.00799
Exploits 3 · References 18
OSV
added 2025/08/14 3:9 p.m. · 2 views

SUSE-SU-2025:02801-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues:
- CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530
- CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop bsc1246531
- CVE-2025-53019: Fixed format specifiers in a filenam...

CVSS 9.8 · AI score 5.7 · EPSS 0.00799
Exploits 3 · References 10
OSV
added 2025/08/14 2:35 p.m. · 4 views

SUSE-SU-2025:02795-1 Security update for cairo

This update for cairo fixes the following issues: - CVE-2019-6462: Fixed a potentially infinite loop bsc1122321...

CVSS 6.5 · AI score 5.8 · EPSS 0.02142
Exploits 0 · References 3
SUSE Linux
added 2025/08/14 2:35 p.m. · 5 views

Security update for cairo

This update for cairo fixes the following issues: CVE-2019-6462: Fixed a potentially infinite loop bsc1122321. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for...

CVSS 3.3 · AI score 7.3 · EPSS 0.02142
Exploits 0 · References 4
Schneier on Security
added 2025/08/14 11:8 a.m. · 6 views

LLM Coding Integrity Breach

Here's an interesting story about a failure being introduced by LLM-written code. Specifically, the LLM was doing some code refactoring, and when it moved a chunk of code from one file to another it changed a "break" to a "continue." That turned an error logging statement into an infinite loop,...

AI score 7.4
Exploits 0
Vulnrichment
added 2025/08/14 12:0 a.m. · 3 views

CVE-2025-51986

An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12 allowing attackers to reach an infinite loop via a crafted length value for a packet...

AI score 7 · EPSS 0.00312
Exploits 0 · References 1
CNNVD
added 2025/08/14 12:0 a.m. · 2 views

SILA Embedded Solutions Freemodbus Security Vulnerability

SILA Embedded Solutions Freemodbus is an open source Modbus protocol stack from SILA Embedded Solutions. A security vulnerability exists in SILA Embedded Solutions Freemodbus v.2018-09-12, which stems from a specially crafted length value leading to an infinite loop...

CVSS 7.5 · AI score 6.8 · EPSS 0.00312
Exploits 0 · References 2
Cvelist
added 2025/08/14 12:0 a.m. · 8 views

CVE-2025-51986

An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12 allowing attackers to reach an infinite loop via a crafted length value for a packet...

EPSS 0.00312
Exploits 0 · References 1
Positive Technologies
added 2025/08/14 12:0 a.m. · 4 views

PT-2025-33355 · Unknown · Freemodbus

Name of the Vulnerable Software and Affected Versions: freemodbus version 2018-09-12. Description: An issue was discovered in the demo/LINUXTCP implementation of freemodbus, allowing attackers to reach an infinite loop via a crafted length value for a packet. Recommendations: At the moment, there ...

CVSS 7.5 · AI score 6 · EPSS 0.00312
Exploits 0 · References 5
CVE
added 2025/08/14 12:0 a.m. · 21 views

CVE-2025-51986

CVE-2025-51986 affects the demo/LINUXTCP implementation of freemodbus (v2018-09-12). The root cause is a crafted length value in a packet that can cause an infinite loop, per multiple connected sources (NVD/Red Hat/CIRCL/CVE lists). Impact stated as potential denial of service via infinite loop; ...

CVSS 7.5 · AI score 7 · EPSS 0.00312
Exploits 0 · References 1
Tenable Nessus
added 2025/08/12 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-53133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser When the buffer length of the recvmsg system call is 0, we got the following sof...

CVSS 5.5 · AI score 6.2 · EPSS 0.00149
Exploits 0 · References 4
OSV
added 2025/08/11 3:33 p.m. · 2 views

BIT-LIBPYTHON-2025-8194 Tarfile infinite loop during parsing with negative member offset

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...

CVSS 7.5 · AI score 7.1 · EPSS 0.00586
Exploits 0 · References 20
OSV
added 2025/08/11 2:0 p.m. · 25 views

BIT-PYTHON-2025-8194 Tarfile infinite loop during parsing with negative member offset

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...

CVSS 7.5 · AI score 6.1 · EPSS 0.00586
Exploits 0 · References 20
OSV
added 2025/08/11 2:0 p.m. · 3 views

BIT-PYTHON-MIN-2025-8194 Tarfile infinite loop during parsing with negative member offset

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...

CVSS 7.5 · AI score 6.1 · EPSS 0.00586
Exploits 0 · References 20
OSV
added 2025/08/11 1:54 p.m. · 1 views

BIT-LIBPHP-2024-2757 PHP mb_encode_mimeheader runs endlessly for some inputs

In PHP 8.3.* before 8.3.5, function mb_encode_mimeheader runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function...

CVSS 7.5 · AI score 7.1 · EPSS 0.01924
Exploits 1 · References 5
OSV
added 2025/08/11 1:53 p.m. · 2 views

BIT-LIBPHP-2022-31628 phar wrapper can occur dos when using quine gzip file

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...

CVSS 5.5 · AI score 7.4 · EPSS 0.00565
Exploits 0 · References 9
OSV
added 2025/08/11 1:52 p.m. · 2 views

BIT-LIBPYTHON-2024-8088 Infinite loop when iterating over zip archive entry names from zipfile.Path

There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive for example, methods of "zipfile.Path" like "namelist", "iterdir", etc...

CVSS 8.7 · AI score 7 · EPSS 0.01275
Exploits 0 · References 23
OSV
added 2025/08/11 1:51 p.m. · 2 views

BIT-LIBPYTHON-2021-3737

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability...

CVSS 7.5 · AI score 7.2 · EPSS 0.11586
Exploits 1 · References 13
IBM Security Bulletins
added 2025/08/11 1:46 p.m. · 11 views

Security Bulletin: Astronomer with IBM is vulnerable to several vulnerabilities

Summary: Open source software is used by Astronomer with IBM as part of overall processing functionality. Vulnerability Details: CVEID: CVE-2021-33194. DESCRIPTION: golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service infinite loop via crafted...

CVSS 7.8 · AI score 7.9 · EPSS 0.07492
Exploits 1 · Affected Software 1
Tenable Nessus
added 2025/08/11 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-29190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that send Pion DTLS into an infinit...

CVSS 7.5 · AI score 7.2 · EPSS 0.01484
Exploits 0 · References 2