11150 matches found
CVE-2024-9340 Denial of Service (DoS) via Multipart Boundary in zenml-io/zenml
A Denial of Service DoS vulnerability in zenml-io/zenml version 0.66.0 allows unauthenticated attackers to cause excessive resource consumption by sending malformed multipart requests with arbitrary characters appended to the end of multipart boundaries. This flaw in the multipart request boundar...
ZenML 资源管理错误漏洞
ZenML is an extensible open source MLOps framework from ZenML Open Source for creating portable, production-ready machine learning pipelines. A resource management error vulnerability exists in ZenML version 0.66.0, which stems from a flaw in the multipart request boundary handling mechanism that...
PT-2025-12140 · Run Llama · Llama Index
Name of the Vulnerable Software and Affected Versions: run-llama/llama index version v0.12.5 Description: A vulnerability in the LangChainLLM class allows for a Denial of Service DoS attack. The stream complete method executes the llm using a thread and retrieves the result via the get response g...
RockyLinux 9 : runc (RLSA-2024:9200)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9200 advisory. golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 Tenable has extracted the preceding description block directly from the RockyLinux...
CLSA-2025-1742319123 java-11-openjdk: Fix of 11 CVEs
Upgrade to openjdk-11.0.26+4. The following CVEs were fixed: - CVE-2024-21131: potential UTF8 size overflow - CVE-2024-21138: excessive symbol length can lead to infinite loop - CVE-2024-21140: range Check Elimination RCE pre-loop limit overflow - CVE-2024-21144: Pack200 increase loading time due...
Linux kernel infinite loop vulnerability (CNVD-2025-05315)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from an infinite loop vulnerability that stems from a namespace disablement that can lead to a crash. The vulnerability can be exploited by an attacker to...
PT-2025-35965
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An infinite loop may occur in the exFAT file system due to file system corruption if a cluster chain includes a loop and there are no unused entries in the chain. Specifically, this issu...
oci-seccomp-bpf-hook security update
An update is available for oci-seccomp-bpf-hook. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OCI Hook to generate seccomp json files based on EBF syscalls us...
RLSA-2024:9559 Important: libsoup security update
The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: infinite loop while reading websocket data CVE-2024-52532 libsoup: HTTP request smuggling via stripping null bytes from the ends of header names CVE-2024-52530 For more details about the security...
RLSA-2024:9200 Moderate: runc security update
The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 For more details about the security issues, including the impact, a CVSS score,...
In Azle, calling `setTimer` causes infinite loop of timers
Impact Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of setTimer. Patches The...
GHSA-XC76-5PF9-MX8M In Azle, calling `setTimer` causes infinite loop of timers
Impact Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of setTimer. Patches The...
CVE-2025-29776
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
CVE-2025-29776
Summary of CVE-2025-29776 (Azle): Azle, a WebAssembly runtime for TypeScript/JavaScript on ICP, is affected when calling setTimer in versions 0.27.0, 0.28.0, or 0.29.0. Each valid setTimer invocation can trigger an immediate infinite loop of timers that attempt to clean up the global state of the...
CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-082 (ALASKERNEL-5.10-2025-082)
The version of kernel installed on the remote host is prior to 5.10.234-225.895. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-082 advisory. Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allo...
exfat: fix the infinite loop in exfat_readdir()
...
Security Bulletin: Netcool Operations Insights 1.6.14 addresses multiple security vulnerabilities.
Summary Netcool Operations Insight v1.6.14 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: Requests is a HTTP library. Since Requests 2.3.0,...