CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11041 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в openldap

A flaw was discovered in OpenLDAP before version 2.4.57, which led to an infinite loop in slapd due to the cancelextop Cancel operation, resulting in a denial of service...

7.5CVSS6.9AI score0.6363EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fsdax: Fixed an infinite loop in daxiomaprw. I encountered an infinite loop and a warning message when executing the tail command in virtiofs. The warning message reads: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomapiter+0x3a2/0x3d...

6.2CVSS5.8AI score0.00007EPSS

Exploits0References2

Tenable Nessus•added 2026/05/20 12:0 a.m.•4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021637 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttledirectreclaim The task...

5.5CVSS6AI score0.00007EPSS

Exploits0References4

RedhatCVE•added 2026/05/19 11:19 p.m.•9 views

CVE-2026-32739

A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. A remote attacker could exploit this vulnerability by providing a specially crafted HEIF High Efficiency Image File Format sequence file. This would trigger an infinite loop during file parsing, consuming 100% CPU...

6.5CVSS5.8AI score0.00047EPSS

Exploits1References5

RedHat Linux•added 2026/05/19 9:55 p.m.•8 views

dnsmasq: NSEC bitmap parsing infinite loop

A denial of service vulnerability was discovered in dnsmasq's DNSSEC validation. When parsing NSEC and NSEC3 bitmap records, the window iteration logic fails to account for the 2-byte window header when advancing through the bitmap data. A specially crafted DNS response with a zero-length bitmap...

7.5CVSS5.8AI score0.0024EPSS

Exploits0References5

Snyk•added 2026/05/19 9:51 p.m.•4 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop in the getsampleduration function. An attacker can cause the application to enter an infinite loop and consume excessive CPU resources by providing a specially crafted HEIF file during file parsing. Remediation A fix was...

7.1CVSS5.8AI score0.00047EPSS

Exploits1References2

OSV•added 2026/05/19 8:16 p.m.•2 views

ALPINE-CVE-2026-32739

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Boxstts::getsampleduration, consuming 100% CPU indefinitely with zero progress, leading to DoS. The loop has no iteration limit or timeout and...

6.5CVSS5.2AI score0.00047EPSS

Exploits1References1

OSV•added 2026/05/19 8:16 p.m.•4 views

DEBIAN-CVE-2026-32739

6.5CVSS5.7AI score0.00047EPSS

Exploits1References1

NVD•added 2026/05/19 8:16 p.m.•9 views

CVE-2026-32739

6.5CVSS0.00047EPSS

Exploits1References2

UbuntuCve•added 2026/05/19 8:16 p.m.•3 views

CVE-2026-32739

6.5CVSS5.8AI score0.00047EPSS

Exploits1References3

OSV•added 2026/05/19 8:16 p.m.•2 views

UBUNTU-CVE-2026-32739

6.5CVSS5.7AI score0.00047EPSS

Exploits1References4

OSV•added 2026/05/19 8:9 p.m.•4 views

GHSA-M6XR-FVFG-5G64 Dasel: Denial of service in dasel selector lexer due to infinite loop on unterminated regex literal

Summary dasel's selector lexer enters a non-terminating loop when tokenizing an unterminated regex pattern such as r/abc. A 2-byte input r/ is sufficient to cause the tokenizer to consume 100% CPU on one core indefinitely. I confirmed the issue on v3.3.1 fba653c7f248aff10f2b89fca93929b64707dfc8 a...

7.5CVSS5.8AI score

Exploits0References3

Github Security Blog•added 2026/05/19 8:9 p.m.•11 views

Dasel: Denial of service in dasel selector lexer due to infinite loop on unterminated regex literal

5.8AI score

Exploits0References3Affected Software1

Github Security Blog•added 2026/05/19 7:50 p.m.•6 views

OpenMcdf: Uncatchable infinite loop in DirectoryTree.TryGetDirectoryEntry on crafted CFB directory cycle

Summary The BST name-lookup loop in DirectoryTree.TryGetDirectoryEntry OpenMcdf/DirectoryTree.cs:35-46 walks directory entries by repeatedly calling directories.TryGetSiblingchild, siblingType, validateColor. A crafted CFB file with cyclic Left/Right sibling links among directory entries -...

5.9AI score

Exploits0References2Affected Software1

EUVD•added 2026/05/19 7:25 p.m.•9 views

EUVD-2026-29951

Bandit: Unauthenticated DoS via chunked request trailers in Bandit HTTP/1 decoder...

8.7CVSS5.8AI score0.0105EPSS

Exploits1References5

ATTACKERKB•added 2026/05/19 7:10 p.m.•5 views

CVE-2026-32739

6.5CVSS5.7AI score0.00047EPSS

Exploits1References3Affected Software1

CVE•added 2026/05/19 7:10 p.m.•13 views

CVE-2026-32739

libheif (HEIF/AVIF decoder) is affected through versions 1.21.2 and earlier, where a crafted 800-byte HEIF sequence file can trigger an infinite loop in Box_stts::get_sample_duration() during parsing, causing 100% CPU DoS with no progress and no crashログ. The issue is triggered on file open and is...

6.5CVSS5.7AI score0.00047EPSS

Exploits1References2Affected Software1