CVE-2023-53026 RDMA/core: Fix ib block iterator counter overflow

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the selected page size...

CVE-2023-53026

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the selected page size...

juno 输入验证错误漏洞

juno is a library from the Nethermind community designed to decentralize Starknet. An input validation error vulnerability exists in juno versions prior to 0.12.5, which stems from an integer overflow and could lead to an infinite loop and denial of service...

CVE-2025-2838

Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerabilit...

CVE-2025-2838

Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerabilit...

CVE-2025-2838

CVE-2025-2838 affects Silicon Labs Gecko OS. The issue is a logic error in DNS response processing that can cause an infinite loop, leading to denial of service. Attack requires network adjacency and no authentication. Impact is Availability (per CVSS: AV:A, AC:L, PR:N, UI:N, S:U, C:N, I:N, A:H; ...

Denial Of Service (DoS)

ai.h2o, h2o-core is vulnerable to Denial Of Service DoS. The vulnerability is due to improper input validation of the path parameter in the /3/ImportFiles endpoint, allowing it to reference itself recursively and trigger an infinite loop...

Silicon Gecko OS 安全漏洞

Silicon Gecko OS is a highly optimized and feature-rich IoT operating system from Silicon. A security vulnerability exists in Silicon Gecko OS, which stems from an infinite loop in DNS response processing that could lead to a denial of service...

CVE-2024-10907

In lm-sys/fastchat Release v0.2.36, the server fails to handle excessive characters appended to the end of multipart boundaries. This flaw can be exploited by sending malformed multipart requests with arbitrary characters at the end of the boundary. Each extra character is processed in an infinit...

CVE-2024-10821

A Denial of Service DoS vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server version v5.0.1 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries...

CVE-2024-9340

A Denial of Service DoS vulnerability in zenml-io/zenml version 0.66.0 allows unauthenticated attackers to cause excessive resource consumption by sending malformed multipart requests with arbitrary characters appended to the end of multipart boundaries. This flaw in the multipart request boundar...

The vulnerability of the virtnet_get_rxfh() function in the drivers/net/virtio_net.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the virtnetgetrxfh function in the drivers/net/virtionet.c file of the Linux kernel is related to the execution of a loop with an unreachable exit condition „Infinite loop“. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the mcp251xfd_open() function in the drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the mcp251xfdopen function in the drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c module of the Linux kernel is related to the execution of a loop with an unreachable exit condition „Infinite loop“. Exploiting this vulnerability could allow an attacker to cause a service failu...

K000150488: Multiple Wireshark/tshark vulnerabilities

Security Advisory Description CVE-2020-26575 In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. CVE-2018-14339 In Wireshark 2.6.0 to...

ZenML unauthenticated DoS via Multipart Boundry

A Denial of Service DoS vulnerability in zenml-io/zenml version 0.66.0 allows unauthenticated attackers to cause excessive resource consumption by sending malformed multipart requests with arbitrary characters appended to the end of multipart boundaries. This flaw in the multipart request boundar...

Infinite loop

Overview zenml is a ZenML: Write production-ready ML code. Affected versions of this package are vulnerable to Infinite loop through the multipart request boundary processing mechanism. An attacker can cause excessive resource consumption by sending malformed multipart requests with arbitrary...

LlamaIndex Improper Handling of Exceptional Conditions vulnerability

A vulnerability in the LangChainLLM class of the run-llama/llamaindex repository, version v0.12.5, allows for a Denial of Service DoS attack. The streamcomplete method executes the llm using a thread and retrieves the result via the getresponsegen method of the StreamingGeneratorCallbackHandler...

Denial of Service (DoS)

Overview InvokeAI is an An implementation of Stable Diffusion which provides various new features and options to aid the image generation process Affected versions of this package are vulnerable to Denial of Service DoS through the multipart request boundary processing mechanism. An attacker can...

GHSA-6F6X-F56Q-5XGV InvokeAI has Denial of Service (DoS) vulnerability in `/api/v1/images/upload`

A Denial of Service DoS vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server version v5.0.1 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries...

CVE-2024-12704

A vulnerability in the LangChainLLM class of the run-llama/llamaindex repository, version v0.12.5, allows for a Denial of Service DoS attack. The streamcomplete method executes the llm using a thread and retrieves the result via the getresponsegen method of the StreamingGeneratorCallbackHandler...