aiohttp: DoS when trying to parse malformed POST requests

An infinite loop flaw was found in aiohttp when handling POST multipart/form-data requests. This flaw allows an attacker to send a specially crafted request, leading the server to enter an infinite loop and render it unable to process any further requests. This denial of service can be triggered ...

SUSE SLES15 Security Update : ovmf (SUSE-SU-2025:0407-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0407-1 advisory. - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 -...

The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the kernel component of the Linux operating system is related to an infinite loop. Exploiting this vulnerability can allow an attacker to cause a service failure...

SUSE SLES15 / openSUSE 15 Security Update : ovmf (SUSE-SU-2025:0421-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0421-1 advisory. - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc12188...

SUSE-SU-2025:0421-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 - CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 - CVE-2023-45231:...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Tracing: A overflow issue in getfreeelt has been fixed. The variable tracingmap-nextelt is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracingmap, even though the maximum number of...

PT-2025-16663

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the wifi ath11k driver. The issue occurs while processing the monitor destination ring, where the driver may fail to...

SUSE-SU-2025:0407-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 - CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 - CVE-2023-45231:...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to nanoid-3.3.7.tgz CVE-2024-55565

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to nanoid-3.3.7.tgz CVE-2024-55565. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-55565 DESCRIPTION: nanoid aka Nano ID before 5.0.9 mishandles non-integer...

Azure Linux 3.0 Security Update: kernel (CVE-2024-43828)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43828 advisory. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying...

EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2025-1177)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored,...

Azure Linux 3.0 Security Update: kernel (CVE-2024-35982)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35982 advisory. - In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying t...

Azure Linux 3.0 Security Update: libsoup (CVE-2024-52532)

The version of libsoup installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52532 advisory. - GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain...

Azure Linux 3.0 Security Update: edk2 / hvloader (CVE-2023-45233)

The version of edk2 / hvloader installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45233 advisory. - EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option i...

Azure Linux 3.0 Security Update: edk2 / hvloader (CVE-2023-45232)

The version of edk2 / hvloader installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45232 advisory. - EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown option...

Azure Linux 3.0 Security Update: golang / python-tensorboard (CVE-2021-27918)

The version of golang / python-tensorboard installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-27918 advisory. - encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a...

EulerOS 2.0 SP11 : libsoup (EulerOS-SA-2025-1141)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored,...

EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2025-1193)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored,...

CVE-2022-29190

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that sends Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available...

CVE-2019-5091

An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability...