CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11140 matches found

OSV•added 2025/07/30 1:23 p.m.•7 views

GHSA-RXMQ-M78W-7WMC SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks

Impact A specially crafted GIF file containing a malformed comment extension block with a missing block terminator can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This leads to a denial of service. Applications processing untrusted GIF input shou...

5.3CVSS6.9AI score0.00362EPSS

Exploits0References6

Github Security Blog•added 2025/07/30 1:23 p.m.•13 views

SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks

5.3CVSS6.9AI score0.00362EPSS

Exploits0References6Affected Software1

CNNVD•added 2025/07/30 12:0 a.m.•2 views

ImageSharp 安全漏洞

ImageSharp is a new, full-featured, fully managed, cross-platform 2D graphics API open-sourced by Six Labors. A security vulnerability exists in ImageSharp versions prior to 2.1.11 and 3.0.0 through 3.1.10, which stems from the possibility of entering an infinite loop when processing specially...

5.3CVSS6.3AI score0.00362EPSS

Exploits0References4

OpenVAS•added 2025/07/30 12:0 a.m.•6 views

Python DoS Vulnerability (Jul 2025) - Mac OS X

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

7.5CVSS7.1AI score0.00586EPSS

Exploits0References7

RedHat Linux•added 2025/07/29 5:1 p.m.•4 views

kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...

5.5CVSS7.1AI score0.00369EPSS

Exploits3References5

SUSE CVE•added 2025/07/28 11:32 p.m.•4 views

SUSE CVE-2024-58261

The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of "Reading a cert: Invalid operation: Not a Key packet" messages for RawCertParser operations that encounter an unsupported primary key type...

7.5CVSS6.9AI score0.00361EPSS

Exploits1References3

SUSE CVE•added 2025/07/28 11:29 p.m.•2 views

SUSE CVE-2025-29918

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability i...

5.5CVSS6.8AI score0.00223EPSS

Exploits0References2

RedhatCVE•added 2025/07/28 9:14 p.m.•6 views

CVE-2025-8194

A flaw was found in the Python tarfile module. Processing a specially crafted tar archive, specifically an archive with negative offsets, can cause an infinite loop and deadlock. This issue results in a denial of service in the Python application using the tarfile module. Mitigation This flaw can...

7.5CVSS6.1AI score0.00586EPSS

Exploits0References6

OSV•added 2025/07/28 7:15 p.m.•8 views

AZL-65987 CVE-2025-8194 affecting package python3 for versions less than 3.12.9-4

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...

7.5CVSS6.8AI score0.00586EPSS

Exploits0References1

NVD•added 2025/07/28 7:15 p.m.•5 views

CVE-2025-8194

7.5CVSS0.00586EPSS

Exploits0References13

OSV•added 2025/07/28 7:15 p.m.•1 views

DEBIAN-CVE-2025-8194

7.5CVSS6.7AI score0.00586EPSS

Exploits0References1

OSV•added 2025/07/28 7:15 p.m.•6 views

AZL-65984 CVE-2025-8194 affecting package python3 for versions less than 3.9.19-15

7.5CVSS6.8AI score0.00586EPSS

Exploits0References1

OSV•added 2025/07/28 7:15 p.m.•4 views

CVE-2025-8194

7.5CVSS7.1AI score

Exploits0References13

Cvelist•added 2025/07/28 6:42 p.m.•10 views

CVE-2025-8194 Tarfile infinite loop during parsing with negative member offset

7.5CVSS0.00586EPSS

Exploits0References11

OSV•added 2025/07/28 6:42 p.m.•5 views

PSF-2025-11

7.5CVSS7.1AI score0.00586EPSS

Exploits0References11

ATTACKERKB•added 2025/07/28 6:42 p.m.•4 views

CVE-2025-8194

7.5CVSS5.8AI score0.00586EPSS

Exploits0References12Affected Software1

CVE•added 2025/07/28 6:42 p.m.•210 views

CVE-2025-8194

CVE-2025-8194 affects the CPython tarfile module (TarFile extraction/entry enumeration APIs). Malicious tar archives with negative offsets could trigger an infinite loop and deadlock during parsing. A patch is available to mitigate after importing tarfile (gist: sethmlarson/1716ac5b82b73dbcbf23ad...

7.5CVSS6.5AI score0.00586EPSS

Exploits0References13

Vulnrichment•added 2025/07/28 6:42 p.m.•1 views

CVE-2025-8194 Tarfile infinite loop during parsing with negative member offset

7.5CVSS6.5AI score0.00586EPSS

Exploits0References11

Debian CVE•added 2025/07/28 6:42 p.m.•5 views

CVE-2025-8194

7.5CVSS6.7AI score0.00586EPSS

Exploits0

RedhatCVE•added 2025/07/28 8:15 a.m.•7 views

CVE-2024-58261

A flaw was found in sequoia-openpgp. Processing RawCertParser operations with unsupported primary key types triggers an infinite loop of error messages. This flaw allows a local attacker to provide a specially crafted certificate file, resulting in a denial of service due to resource exhaustion...

7.5CVSS5.9AI score0.00361EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by