Azure Linux 3.0 Security Update: qemu (CVE-2023-3255)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3255 advisory. - A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit conditio...

CVE-2025-32947

This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an infinite loop in the ath11kdprxmondestprocess function, which could cause the kernel to crash...

PT-2025-16674 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to device-exclusive handling and huge pages hugetlb. The issue causes problems with migration, swapout, and split handlin...

CVE-2025-32947

This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities...

CVE-2025-32947

This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities...

CVE-2025-32947

CVE-2025-32947 concerns PeerTube. The connected documents describe a DoS via an infinite loop in the "+inbox+" endpoint triggered by crafted ActivityPub activities, causing the PeerTube server to stop responding to requests. Affected software is PeerTube; the root cause is an infinite loop in han...

CVE-2025-32947 PeerTube ActivityPub Crawl Infinite Loop DoS

This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities...

CVE-2025-32947 PeerTube ActivityPub Crawl Infinite Loop DoS

This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities...

CVE-2025-32944

The vulnerability allows any authenticated user to cause the PeerTube server to stop functioning in a persistent manner. If user import is enabled which is the default setting, any registered user can upload an archive for importing. The code uses the yauzl library for reading the archive. If the...

Denial Of Service (DoS)

@apeleghq/asn1-der is vulnerable to Denial of ServiceDoS. The vulnerability is due to incorrect arithmetic in the numBitLen function due to the use of the operator causing negative results for values between 2³¹ and 2³²-1, and attackers can exploit this to trigger an infinite loop and cause a...

Security Bulletin: IBM Cognos Controller is affected by vulnerabilities

Summary There are vulnerabilities in IBM® Java™, IBM® Websphere Application Server Liberty and Open-Source Software OSS components used by IBM Cognos Controller. Please refer to the table in the Related Information section for vulnerability impact. This Security Bulletin relates only to the direc...

PeerTube 安全漏洞

PeerTube is a decentralized video sharing service platform open-sourced by Chocobozzz. It is used to create video projects. PeerTube suffers from a security vulnerability that stems from an infinite loop that could cause the server to stop responding...

PT-2025-16344 · Peertube · Peertube

Name of the Vulnerable Software and Affected Versions: PeerTube affected versions not specified Description: This vulnerability allows an attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the inbox endpoint when receiving crafted ActivityPub activitie...

Security Bulletin: Vulnerabilities in dependencies affect IBM Voice Gateway

Summary Security Vulnerabilities in dependencies affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and...

BIT-PYTHON-2024-8088 Infinite loop when iterating over zip archive entry names from zipfile.Path

There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive for example, methods of "zipfile.Path" like "namelist", "iterdir", etc...

BIT-PYTHON-MIN-2024-8088 Infinite loop when iterating over zip archive entry names from zipfile.Path

There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive for example, methods of "zipfile.Path" like "namelist", "iterdir", etc...

Denial Of Service (DoS)

image-size is vulnerable to a Denial of Service vulnerability. The vulnerability is due to an infinite loop due to processing image boxes with size 0, which allows an attacker to cause the application to hang...

CVE-2025-29918

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability i...

CVE-2025-29918

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability i...