11150 matches found

Vulnrichment
added 2025/03/20 10:08 a.m. · 7 views

CVE-2024-9340 Denial of Service (DoS) via Multipart Boundary in zenml-io/zenml

A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthenticated attackers to cause excessive resource consumption by sending malformed multipart requests with arbitrary characters appended to the end of multipart boundaries. This flaw in the multipart request boundar...

CVSS 7.5 · AI score 7.6 · EPSS 0.00896
Exploits: 1 · References: 2

CNNVD
added 2025/03/20 12:00 a.m. · 4 views

ZenML resource management error vulnerability

ZenML is an extensible open source MLOps framework from ZenML Open Source for creating portable, production-ready machine learning pipelines. A resource management error vulnerability exists in ZenML version 0.66.0, which stems from a flaw in the multipart request boundary handling mechanism that...

CVSS 7.5 · AI score 7.3 · EPSS 0.00896
Exploits: 1 · References: 2

Positive Technologies
added 2025/03/20 12:00 a.m. · 7 views

PT-2025-12140 · Run Llama · Llama Index

Name of the Vulnerable Software and Affected Versions: run-llama/llama_index version v0.12.5. Description: A vulnerability in the LangChainLLM class allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get response g...

CVSS 7.5 · AI score 7.3 · EPSS 0.00761
Exploits: 1 · References: 8

Tenable Nessus
added 2025/03/19 12:00 a.m. · 8 views

RockyLinux 9 : runc (RLSA-2024:9200)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9200 advisory. golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788). Tenable has extracted the preceding description block directly from the RockyLinux...

CVSS 5.9 · AI score 7.4 · EPSS 0.01001
Exploits: 0 · References: 3

OSV
added 2025/03/18 5:32 p.m. · 3 views

CLSA-2025-1742319123 java-11-openjdk: Fix of 11 CVEs

Upgrade to openjdk-11.0.26+4. The following CVEs were fixed:
- CVE-2024-21131: potential UTF8 size overflow
- CVE-2024-21138: excessive symbol length can lead to infinite loop
- CVE-2024-21140: range Check Elimination (RCE) pre-loop limit overflow
- CVE-2024-21144: Pack200 increase loading time due...

CVSS 7.4 · AI score 6.7 · EPSS 0.01257
Exploits: 0 · References: 1

CNVD
added 2025/03/18 12:00 a.m. · 15 views

Linux kernel infinite loop vulnerability (CNVD-2025-05315)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from an infinite loop vulnerability that stems from a namespace disablement that can lead to a crash. The vulnerability can be exploited by an attacker to...

CVSS 5.5 · AI score 6.5 · EPSS 0.00169
Exploits: 0 · References: 1

Positive Technologies
added 2025/03/18 12:00 a.m. · 9 views

PT-2025-35965

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: An infinite loop may occur in the exFAT file system due to file system corruption if a cluster chain includes a loop and there are no unused entries in the chain. Specifically, this issu...

CVSS 6 · AI score 6.1 · EPSS 0.00145
Exploits: 0

Rockylinux
added 2025/03/17 8:16 p.m. · 6 views

oci-seccomp-bpf-hook security update

An update is available for oci-seccomp-bpf-hook. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. OCI Hook to generate seccomp json files based on EBF syscalls us...

CVSS 5.9 · AI score 6.6 · EPSS 0.01001
Exploits: 0

OSV
added 2025/03/17 8:16 p.m. · 11 views

RLSA-2024:9559 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: infinite loop while reading websocket data (CVE-2024-52532); libsoup: HTTP request smuggling via stripping null bytes from the ends of header names (CVE-2024-52530). For more details about the security...

CVSS 7.5 · AI score 6.9 · EPSS 0.00933
Exploits: 1 · References: 3

OSV
added 2025/03/17 8:16 p.m. · 7 views

RLSA-2024:9200 Moderate: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. Security Fixes: golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788). For more details about the security issues, including the impact, a CVSS score,...

CVSS 5.9 · AI score 6.6 · EPSS 0.01001
Exploits: 0 · References: 2

Github Security Blog
added 2025/03/14 5:31 p.m. · 15 views

In Azle, calling `setTimer` causes infinite loop of timers

Impact Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of setTimer. Patches The...

CVSS 8.7 · AI score 6.7 · EPSS 0.00349
Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2025/03/14 5:31 p.m. · 3 views

GHSA-XC76-5PF9-MX8M In Azle, calling `setTimer` causes infinite loop of timers

Impact Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of setTimer. Patches The...

CVSS 8.7 · AI score 6.6 · EPSS 0.00349
Exploits: 0 · References: 4

NVD
added 2025/03/14 2:15 p.m. · 7 views

CVE-2025-29776

Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...

CVSS 8.7 · EPSS 0.00349
Exploits: 0 · References: 2

Vulnrichment
added 2025/03/14 1:13 p.m. · 5 views

CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers

Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...

CVSS 8.7 · AI score 6.4 · EPSS 0.00349
Exploits: 0 · References: 2

Cvelist
added 2025/03/14 1:13 p.m. · 10 views

CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers

Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...

CVSS 8.7 · EPSS 0.00349
Exploits: 0 · References: 2

CVE
added 2025/03/14 1:13 p.m. · 55 views

CVE-2025-29776

Summary of CVE-2025-29776 (Azle): Azle, a WebAssembly runtime for TypeScript/JavaScript on ICP, is affected when calling setTimer in versions 0.27.0, 0.28.0, or 0.29.0. Each valid setTimer invocation can trigger an immediate infinite loop of timers that attempt to clean up the global state of the...

CVSS 8.7 · AI score 6.4 · EPSS 0.00349
Exploits: 0 · References: 2

OSV
added 2025/03/14 1:13 p.m. · 4 views

CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers

Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...

CVSS 8.7 · AI score 6.5 · EPSS 0.00349
Exploits: 0 · References: 4

Tenable Nessus
added 2025/03/14 12:00 a.m. · 48 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-082 (ALASKERNEL-5.10-2025-082)

The version of kernel installed on the remote host is prior to 5.10.234-225.895. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-082 advisory. Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allo...

CVSS 7.8 · AI score 6.6 · EPSS 0.00585
Exploits: 1 · References: 58

Microsoft CVE
added 2025/03/13 7:00 a.m. · 1 view

exfat: fix the infinite loop in exfat_readdir()

...

CVSS 5.5 · AI score 7.4 · EPSS 0.00218
Exploits: 0

IBM Security Bulletins
added 2025/03/12 2:10 p.m. · 25 views

Security Bulletin: Netcool Operations Insights 1.6.14 addresses multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.14 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: Requests is a HTTP library. Since Requests 2.3.0,...

CVSS 8.2 · AI score 9.7 · EPSS 0.91969
Exploits: 3 · Affected Software: 1