11150 matches found

RedHat Linux
added 2024/10/30 6:18 p.m. | 38 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.6 security update

An update is now available for Red Hat OpenShift GitOps v1.12.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 7.5 | AI score 7.2 | EPSS 0.01262
Exploits: 2 | References: 2
RedHat Linux
added 2024/10/30 1:41 a.m. | 7 views

kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

A vulnerability was found in the Linux kernel's networking subsystem in the act_api implementation within the tcf_idr_check_alloc function, which leads to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...

CVSS 5.5 | AI score 6.8 | EPSS 0.00286
Exploits: 0 | References: 5
RedHat Linux
added 2024/10/30 1:33 a.m. | 2 views

github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp

A flaw was found in jaraco/zipp. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is...

CVSS 6.2 | AI score 7.3 | EPSS 0.00236
Exploits: 0 | References: 6
IBM Security Bulletins
added 2024/10/25 10:6 p.m. | 19 views

Security Bulletin: IBM Master Data Management is vulnerable to denial of service from a vulnerability found in OpenSSL (CVE-2022-0778)

Summary: IBM Master Data Management v11.6 and v12.0 are vulnerable to a denial of service from a vulnerability found in OpenSSL. OpenSSL is vulnerable to a denial of service, caused by a flaw in the BN_mod_sqrt function when parsing certificates. By using a specially-crafted certificate with invali...

CVSS 7.5 | AI score 7.1 | EPSS 0.70561
Exploits: 2 | Affected Software: 1
F5 Networks
added 2024/10/25 6:38 p.m. | 19 views

K000148255: libarchive vulnerabilities CVE-2019-1000020 and CVE-2019-1000019

Security Advisory Description: CVE-2019-1000020: libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c,...

CVSS 6.5 | AI score 6.9 | EPSS 0.03407
Exploits: 1 | Affected Software: 12
Tenable Nessus
added 2024/10/25 12:0 a.m. | 13 views

F5 Networks BIG-IP : libarchive vulnerabilities (K000148255)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the K000148255 advisory. CVE-2019-1000020: libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards version v2.8.0...

CVSS 6.5 | AI score 6.4 | EPSS 0.03407
Exploits: 1 | References: 3
IBM Security Bulletins
added 2024/10/24 4:9 p.m. | 30 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary: The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details: CVEID: CVE-2024-6345 DESCRIPTION: pypa/setuptools could allow a...

CVSS 8.8 | AI score 8.5 | EPSS 0.01939
Exploits: 1 | Affected Software: 1
Veracode
added 2024/10/23 11:27 a.m. | 7 views

Denial Of Service (DoS)

github.com/gomarkdown/markdown is vulnerable to Denial Of Service (DoS). The vulnerability is due to a logical problem in the paragraph function of the parser/block.go file, which allows a remote attacker to cause an infinite loop by providing specially crafted input, resulting in the program hangi...

CVSS 5.1 | AI score 5 | EPSS 0.00501
Exploits: 1 | References: 3 | Affected Software: 1
RedHat Linux
added 2024/10/23 5:52 a.m. | 2 views

github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp

A flaw was found in jaraco/zipp. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is...

CVSS 6.2 | AI score 7.3 | EPSS 0.00236
Exploits: 0 | References: 6
BDU FSTEC
added 2024/10/23 12:0 a.m. | 5 views

The vulnerability of the entry_SYSCALL_compat() function in the Linux operating system’s kernel on the x86 platform allows a hacker to trigger a service failure.

The vulnerability of the entry_SYSCALL_compat function in the arch/x86/entry/entry_64_compat.S module of the Linux operating system’s kernel on the x86 platform is related to an infinite loop. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.5 | EPSS 0.00219
Exploits: 0 | References: 24 | Affected Software: 7
SUSE CVE
added 2024/10/22 2:50 a.m. | 1 view

SUSE CVE-2024-49994

In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD. I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 ("block: fix overflow in blk_ioctl_discard") but for secure erase. Same problem: uint64_t r2 = 512,...

CVSS 5.5 | AI score 7.4 | EPSS 0.00238
Exploits: 0 | References: 19
OSV
added 2024/10/21 6:15 p.m. | 1 view

DEBIAN-CVE-2024-49994

In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD. I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 ("block: fix overflow in blk_ioctl_discard") but for secure erase. Same problem: uint64_t r2 = 512,...

CVSS 5.5 | AI score 5.6 | EPSS 0.00238
Exploits: 0 | References: 1
Cvelist
added 2024/10/21 6:2 p.m. | 22 views

CVE-2024-49994 block: fix integer overflow in BLKSECDISCARD

In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD. I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 ("block: fix overflow in blk_ioctl_discard") but for secure erase. Same problem: uint64_t r2 = 512,...

EPSS 0.00238
Exploits: 0 | References: 5
CNNVD
added 2024/10/21 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an integer overflow problem in BLKSECDISCARD leading to an infinite loop...

CVSS 5.5 | AI score 7.7 | EPSS 0.00238
Exploits: 0 | References: 5
SUSE CVE
added 2024/10/17 2:51 a.m. | 2 views

SUSE CVE-2024-44337

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion v0.0.0-20240729232818-a2a9c4f, which corresponds with commit a2a9c4f76ef5a5c32108e36f7c47f8d310322252, there was a logical problem in the paragraph function of the...

CVSS 5.1 | AI score 6.9 | EPSS 0.00501
Exploits: 1 | References: 5
OSV
added 2024/10/15 9:30 p.m. | 12 views

GHSA-XHR3-WF7J-H255 Infinite loop in github.com/gomarkdown/markdown

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion v0.0.0-20240729232818-a2a9c4f, which corresponds with commit a2a9c4f76ef5a5c32108e36f7c47f8d310322252, there was a logical problem in the paragraph function of the...

CVSS 6.9 | AI score 4.9 | EPSS 0.00501
Exploits: 1 | References: 5
OSV
added 2024/10/15 8:15 p.m. | 1 view

DEBIAN-CVE-2024-44337

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion v0.0.0-20240729232818-a2a9c4f, which corresponds with commit a2a9c4f76ef5a5c32108e36f7c47f8d310322252, there was a logical problem in the paragraph function of the...

CVSS 5.1 | AI score 5.8 | EPSS 0.00501
Exploits: 1 | References: 1
OSV
added 2024/10/15 8:15 p.m. | 4 views

AZL-50618 CVE-2024-44337 affecting package cri-o for versions less than 1.22.3-12

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion v0.0.0-20240729232818-a2a9c4f, which corresponds with commit a2a9c4f76ef5a5c32108e36f7c47f8d310322252, there was a logical problem in the paragraph function of the...

CVSS 5.1 | AI score 7 | EPSS 0.00501
Exploits: 1 | References: 1
OSV
added 2024/10/15 8:15 p.m. | 18 views

CVE-2024-44337

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion v0.0.0-20240729232818-a2a9c4f, which corresponds with commit a2a9c4f76ef5a5c32108e36f7c47f8d310322252, there was a logical problem in the paragraph function of the...

CVSS 5.1 | AI score 6.3 | EPSS 0.00501
Exploits: 1 | References: 2
OSV
added 2024/10/15 8:15 p.m. | 1 view

UBUNTU-CVE-2024-44337

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion v0.0.0-20240729232818-a2a9c4f, which corresponds with commit a2a9c4f76ef5a5c32108e36f7c47f8d310322252, there was a logical problem in the paragraph function of the...

CVSS 5.1 | AI score 7.3 | EPSS 0.00501
Exploits: 1 | References: 3