Lucene search
K

11150 matches found

Amazon
Amazon
added 2024/08/15 12:0 a.m.9 views

Medium: containerd

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

9.8CVSS7.2AI score0.01952EPSS
Exploits0
Redos
Redos
added 2024/08/15 12:0 a.m.23 views

ROS-20240815-01

A vulnerability in the glibc library of the Aurora operating system is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the iconv utility of the GNU C Library glibc syst...

7.1CVSS7.2AI score0.03538EPSS
Exploits1
OSV
OSV
added 2024/08/14 8:11 a.m.4 views

CLSA-2024-1723623068 java-1.8.0-openjdk: Fix of 6 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs: - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: Infinite loop vunlerability in SymbolTable - CVE-2024-21140: Int overflow/underflow in Range Check Elimination RCE - CVE-2024-21144: Invalid header...

7.4CVSS6.7AI score0.01257EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/08/13 3:38 p.m.3 views

golang: net: malformed DNS message can cause infinite loop

A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service DoS conditions...

5.9CVSS7.3AI score0.01001EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/13 3:38 p.m.277 views

Moderate: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.9AI score0.01952EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/08/12 12:0 a.m.4 views

The vulnerability of the av1_uvlc() function in the GPAC multimedia platform allows a hacker to trigger a service failure.

The vulnerability of the av1uvlc function on the GPAC multimedia platform is related to an infinite loop in the av1uvlc function found in mediatools/avparsers.c. Exploiting this vulnerability could allow a attacker to cause a service failure...

5.5CVSS5.7AI score0.00249EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2024/08/08 5:23 p.m.4 views

org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class

A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service...

7.5CVSS7.3AI score0.00753EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 5:22 p.m.3 views

org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class

A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service...

7.5CVSS7.3AI score0.00753EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.3 views

kernel: drm/ast: Fix soft lockup

CVE-2024-35952 describes an issue in the Linux kernel's AST graphics driver. The problem occurs in the astdpsetonoff function, where a lack of proper synchronization with the DisplayPort Microcontroller Unit DPMCU can result in an infinite loop. This can cause a "soft lockup" in the host system,...

5.5CVSS7.3AI score0.00171EPSS
Exploits0References5
OSV
OSV
added 2024/08/06 5:15 p.m.2 views

DEBIAN-CVE-2024-42358

PDFio is a simple C library for reading and writing PDF files. There is a denial of service DOS vulnerability in the TTF parser. Maliciously crafted TTF files can cause the program to utilize 100% of the Memory and enter an infinite loop. This can also lead to a heap-buffer-overflow vulnerability...

5.5CVSS5.5AI score0.00321EPSS
Exploits1References1
CVE
CVE
added 2024/08/06 5:2 p.m.49 views

CVE-2024-42358

PDFio contains a denial-of-service vulnerability in its TTF parser. A crafted TrueType font can trigger an infinite loop in read_camp by manipulating nGroups, causing 100% memory usage and a heap-buffer-overflow. The ttf.h component is implicated; impact is local and leads to DOS if exploited thr...

6.2CVSS7.3AI score0.00321EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2024/08/06 5:2 p.m.22 views

CVE-2024-42358

PDFio is a simple C library for reading and writing PDF files. There is a denial of service DOS vulnerability in the TTF parser. Maliciously crafted TTF files can cause the program to utilize 100% of the Memory and enter an infinite loop. This can also lead to a heap-buffer-overflow vulnerability...

6.2CVSS5.5AI score0.00321EPSS
Exploits1
OSV
OSV
added 2024/08/06 5:2 p.m.20 views

CVE-2024-42358 Loop with Unreachable Exit Condition ('Infinite Loop') in pdfio

PDFio is a simple C library for reading and writing PDF files. There is a denial of service DOS vulnerability in the TTF parser. Maliciously crafted TTF files can cause the program to utilize 100% of the Memory and enter an infinite loop. This can also lead to a heap-buffer-overflow vulnerability...

6.2CVSS6.7AI score0.00321EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2024/08/06 2:1 a.m.3 views

SUSE CVE-2024-41088

In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfdstartxmit function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after killing the running...

5.5CVSS6.5AI score0.00227EPSS
Exploits0References13
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/05 8:36 p.m.22 views

Security Bulletin: IBM Storage Ceph is vulnerable to an Infinite Loop in Grafana (CVE-2024-24786)

Summary Protobuf is used by IBM Storage Ceph in Grafana as part of metrics. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2024-24786. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION: Protocol Buffers protobuf-go is vulnerable to a denial of service...

7.5CVSS6.4AI score0.01262EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2024/08/05 2:21 p.m.28 views

CVE-2024-23352 Loop with Unreachable Exit Condition (`Infinite Loop`) in Multi Mode Call Processor

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA...

7.5CVSS0.00346EPSS
Exploits0References1
CVE
CVE
added 2024/08/05 2:21 p.m.35 views

CVE-2024-23352

CVE-2024-23352 concerns a transient DoS in Qualcomm closed‑source components due to a loop in the Multi Mode Call Processor. The issue manifests when NAS receives ODAC criteria of length 1 and type 1 during registration (OTA). Public documents consistently cite the description, but no concrete pa...

7.5CVSS7.6AI score0.00346EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/05 2:21 p.m.16 views

CVE-2024-23352 Loop with Unreachable Exit Condition (`Infinite Loop`) in Multi Mode Call Processor

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA...

7.5CVSS6.9AI score0.00346EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.3 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which arises from an infinite loop vulnerability contained in the Multi Mode Call Processor module...

7.5CVSS6.6AI score0.00346EPSS
Exploits0References2
Redos
Redos
added 2024/08/05 12:0 a.m.23 views

ROS-20240805-08

A vulnerability in the golang package of the Debian GNU/Linux operating system is related to a lack of protection for service data. data. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information A vulnerability in the golang package of the...

7.5CVSS7.9AI score0.01815EPSS
Exploits1
Rows per page
Query Builder