Lucene search
K

11151 matches found

CNNVD
CNNVD
added 2024/08/05 12:0 a.m.4 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which arises from an infinite loop vulnerability contained in the Multi Mode Call Processor module...

7.5CVSS6.6AI score0.00346EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/01 9:17 p.m.36 views

Security Bulletin: IBM Content Navigator is vulnerable to Denial of Service (DoS) due to Apache Commons Compress (CVE-2024-26308, CVE-2024-25710)

Summary Apache Commons Compress is used by IBM Content Navigator to work with archive files. CVE-2024-26308, CVE-2024-25710 Vulnerability Details CVEID:CVE-2024-26308 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error. By persuading a victi...

8.1CVSS6.5AI score0.00898EPSS
Exploits0Affected Software1
Amazon
Amazon
added 2024/08/01 12:0 a.m.8 views

Important: docker

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

9.9CVSS7.2AI score0.16496EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/31 5:7 a.m.77 views

USN-6932-1: OpenJDK 21 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 21 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...

7.4CVSS7.5AI score0.01257EPSS
Exploits0
OSV
OSV
added 2024/07/31 5:6 a.m.4 views

USN-6931-1 openjdk-17 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 17 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...

7.4CVSS7.5AI score0.01257EPSS
Exploits0References6
OSV
OSV
added 2024/07/31 5:4 a.m.3 views

USN-6930-1 openjdk-lts vulnerabilities

It was discovered that the Hotspot component of OpenJDK 11 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...

7.4CVSS7.5AI score0.01257EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/07/31 12:54 a.m.3 views

kernel: drm/ast: Fix soft lockup

CVE-2024-35952 describes an issue in the Linux kernel's AST graphics driver. The problem occurs in the astdpsetonoff function, where a lack of proper synchronization with the DisplayPort Microcontroller Unit DPMCU can result in an infinite loop. This can cause a "soft lockup" in the host system,...

5.5CVSS7.3AI score0.00171EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/07/31 12:0 a.m.36 views

SUSE SLED15: java-17-openjdk / java-17-openjdk-demo / java-17-openjdk-devel / etc (SUSE-SU-2024:2628-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2628-1 advisory. Updated to version 17.0.12+7 July 2024 CPU: - CVE-2024-21131: Fixed a potential UTF8 size overfl...

7.4CVSS6.8AI score0.01257EPSS
Exploits0References17
OSV
OSV
added 2024/07/30 7:11 a.m.29 views

SUSE-SU-2024:2629-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Updated to version 11.0.24+8 July 2024 CPU: - CVE-2024-21131: Fixed a potential UTF8 size overflow bsc1228046. - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length bsc1228047. - CVE-2024-21140: Fixed a pre-loop limit...

7.4CVSS6.7AI score0.01257EPSS
Exploits0References14
Amazon
Amazon
added 2024/07/30 12:0 a.m.9 views

Important: docker

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

9.9CVSS6.7AI score0.16496EPSS
Exploits0
NVD
NVD
added 2024/07/29 4:15 p.m.24 views

CVE-2024-41088

In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfdstartxmit function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after killing the running...

5.5CVSS0.00227EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/07/29 3:52 p.m.14 views

CVE-2024-42072 bpf: Fix may_goto with negative offset.

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix maygoto with negative offset. Zac's syzbot crafted a bpf prog that exposed two bugs in maygoto. The 1st bug is the way maygoto is patched. When offset is negative it should be patched differently. The 2nd bug is in the...

6.8AI score0.00226EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/07/29 3:48 p.m.19 views

CVE-2024-41088 can: mcp251xfd: fix infinite loop when xmit fails

In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfdstartxmit function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after killing the running...

0.00227EPSS
Exploits0References4
CVE
CVE
added 2024/07/29 3:48 p.m.114 views

CVE-2024-41088

CVE-2024-41088 (Linux kernel) affects the can mcp251xfd driver. When mcp251xfd_start_xmit() fails, tx_ring->head is still incremented, causing the Transmit Event FIFO to reflect an outstanding TX while a response is expected, which can lead to an infinite loop in the interrupt routine if multi...

5.5CVSS6.8AI score0.00227EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/07/29 3:48 p.m.13 views

CVE-2024-41088 can: mcp251xfd: fix infinite loop when xmit fails

In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfdstartxmit function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after killing the running...

5.5CVSS6.3AI score0.00227EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.4 views

The vulnerability of the jaraco/zipp library, which is compatible with the pathlib API of the Zipfile library, allows a attacker to cause a service failure.

The vulnerability of the jaraco/zipp library, which is compatible with the pathlib API of the Zipfile library, relates to the processing of specially created zip files. This can lead to an infinite loop. Exploiting this vulnerability could allow a attacker to cause a service failure...

6.2CVSS6.7AI score0.00236EPSS
Exploits0References6Affected Software3
OSV
OSV
added 2024/07/26 11:8 a.m.4 views

OESA-2024-1889 python-zipp security update

A pathlib-compatible Zipfile object wrapper. A backport of the Path object. Security Fixes: A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an...

6.2CVSS7AI score0.00236EPSS
Exploits0References2
OSV
OSV
added 2024/07/26 11:8 a.m.4 views

OESA-2024-1887 python-zipp security update

A pathlib-compatible Zipfile object wrapper. A backport of the Path object. Security Fixes: A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an...

6.2CVSS7AI score0.00236EPSS
Exploits0References2
OSV
OSV
added 2024/07/26 11:8 a.m.3 views

OESA-2024-1890 python-zipp security update

A pathlib-compatible Zipfile object wrapper. A backport of the Path object. Security Fixes: A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an...

6.2CVSS7AI score0.00236EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/07/25 7:26 p.m.8 views

org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class

A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service...

7.5CVSS7.3AI score0.00753EPSS
Exploits0References5
Rows per page
Query Builder