Lucene search

11151 matches found

RedHat Linux
added 2024/07/24 7:12 p.m. · 2 views

golang: net: malformed DNS message can cause infinite loop

A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions...

5.9 CVSS · 7.3 AI score · 0.01001 EPSS
Exploits 0 · References 5
Veracode
added 2024/07/24 8:11 a.m. · 12 views

Denial Of Service (DoS)

github.com/wcharczuk/go-chart is vulnerable to Denial of Service (DoS). The vulnerability is due to an infinite loop when executing the drawCanvas function with a StackedBarChart containing a long name value. If the name value originates from untrusted input, an attacker can cause an infinite loop...

7.5 CVSS · 6.7 AI score · 0.00646 EPSS
Exploits 1 · References 2 · Affected Software 1
OpenVAS
added 2024/07/24 12:0 a.m. · 17 views

openSUSE Security Advisory (SUSE-SU-2024:2584-1)

The remote host is missing an update for the...

9.8 CVSS · 9 AI score · 0.01546 EPSS
Exploits 0 · References 5
NVD
added 2024/07/23 3:15 p.m. · 14 views

CVE-2024-40060

go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas function...

7.5 CVSS · 0.00646 EPSS
Exploits 1 · References 1
OSV
added 2024/07/23 3:15 p.m. · 9 views

CVE-2024-40060

go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas function...

7.5 CVSS · 7.3 AI score
Exploits 0 · References 1
Veracode
added 2024/07/23 12:5 p.m. · 16 views

Infinite Loop

GPAC is vulnerable to an Infinite Loop. The vulnerability is due to an infinite loop caused by the function isoffin_process in the file src/filters/isoffin_read.c. An attacker can cause the application to enter an infinite loop by manipulating the input data, which could lead to a Denial of Service...

5.5 CVSS · 6.9 AI score · 0.00351 EPSS
Exploits 1 · References 6 · Affected Software 1
Cvelist
added 2024/07/23 12:0 a.m. · 15 views

CVE-2024-40060

go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas function...

0.00646 EPSS
Exploits 1 · References 1
Tenable Nessus
added 2024/07/23 12:0 a.m. · 16 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libgit2 (SUSE-SU-2024:2584-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2584-1 advisory. Update to 1.7.2: Security fixes: - CVE-2024-24577: Fixed arbitrary code execution due to heap...

9.8 CVSS · 8.7 AI score · 0.01546 EPSS
Exploits 0 · References 7
Positive Technologies
added 2024/07/23 12:0 a.m. · 3 views

PT-2024-28769 · Go-Chart · Go-Chart

Name of the Vulnerable Software and Affected Versions: go-chart version 2.1.1. Description: The issue is related to an infinite loop in the drawCanvas function. This function is part of the go-chart library and is used for rendering charts. The infinite loop can cause the program to consume...

7.5 CVSS · 6.9 AI score · 0.00646 EPSS
Exploits 1 · References 6
CNNVD
added 2024/07/23 12:0 a.m. · 3 views

go-chart security vulnerability

go-chart is a very simple Go-native charting library by Will Charczuk, an individual developer. A security vulnerability exists in go-chart version v2.1.1, which stems from an infinite loop in the drawCanvas function...

7.5 CVSS · 6.8 AI score · 0.00646 EPSS
Exploits 1 · References 2
Vulnrichment
added 2024/07/23 12:0 a.m. · 10 views

CVE-2024-40060

go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas function...

7.4 AI score · 0.00646 EPSS
Exploits 1 · References 1
CVE
added 2024/07/23 12:0 a.m. · 48 views

CVE-2024-40060

CVE-2024-40060 affects go-chart v2.1.1. The vulnerability is an infinite loop in the drawCanvas() function, which can cause a Denial of Service when a long name value is processed (noted in the Veracode entry and related advisories). Exploitation details are limited in the provided documents; one...

7.5 CVSS · 7.1 AI score · 0.00646 EPSS
Exploits 1 · References 1 · Affected Software 1
Tenable Nessus
added 2024/07/23 12:0 a.m. · 42 views

SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2024:2590-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2590-1 advisory. Updated to version 11.0.24+8 (July 2024 CPU): - CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). - CVE-2024-21138:...

7.4 CVSS · 6.8 AI score · 0.01257 EPSS
Exploits 0 · References 20
OSV
added 2024/07/22 8:15 p.m. · 4 views

CVE-2024-6638

An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Successful exploitation requires an attacker to provide a user with a specially crafted TDMS file. This vulnerability affects LabVIEW 2024 Q1 and prior versions...

5.5 CVSS · 5.8 AI score · 0.00158 EPSS
Exploits 0 · References 1
CVE
added 2024/07/22 7:55 p.m. · 50 views

CVE-2024-6638

CVE-2024-6638 affects LabVIEW 2024 Q1 and earlier versions. The issue is an integer overflow in the TDMS file reader caused by improper input validation, which can lead to an infinite loop. Exploitation requires a user to open a specially crafted TDMS file and is a local, user-interaction-based v...

5.5 CVSS · 5.5 AI score · 0.00158 EPSS
Exploits 0 · References 1 · Affected Software 1
IBM Security Bulletins
added 2024/07/22 3:13 p.m. · 21 views

Security Bulletin: Security vulnerabilities may affect Go packages that are shipped with IBM CICS TX Advanced.

Summary: Security vulnerabilities may affect Go packages that are shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issues. Vulnerability Details: CVEID: CVE-2023-45288. DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a memory exhaustion flaw due to floo...

7.5 CVSS · 7.4 AI score · 0.91969 EPSS
Exploits 1 · Affected Software 1
OSV
added 2024/07/22 12:13 p.m. · 28 views

SUSE-SU-2024:2590-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Updated to version 11.0.24+8 (July 2024 CPU): - CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). - CVE-2024-21140: Fixed a pre-loop limit...

7.4 CVSS · 6.7 AI score · 0.01257 EPSS
Exploits 0 · References 14
OSV
added 2024/07/22 11:40 a.m. · 17 views

SUSE-SU-2024:2584-1 Security update for libgit2

This update for libgit2 fixes the following issues: Update to 1.7.2: Security fixes: - CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) - CVE-2024-24575: Fixed potential infinite loop condition in git_revparse_single (bsc#1219664) Other fixes: - A bug in...

9.8 CVSS · 9.2 AI score · 0.01546 EPSS
Exploits 0 · References 5
OSV
added 2024/07/22 10:36 a.m. · 41 views

SUSE-SU-2024:2578-1 Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Updated to version 21.0.4+7 (July 2024 CPU): - CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). - CVE-2024-21140: Fixed a pre-loop limit...

7.4 CVSS · 6.7 AI score · 0.01257 EPSS
Exploits 0 · References 12
Amazon
added 2024/07/22 12:0 a.m. · 4 views

Medium: python3.11-setuptools

Issue Overview: A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as...

6.2 CVSS · 7.1 AI score · 0.00236 EPSS
Exploits 0