Lucene search

11152 matches found

AlpineLinux
added 2024/07/09 12:0 a.m., 2 views

CVE-2024-5569

A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

CVSS 6.2, AI score 6.9, EPSS 0.00236
Exploits: 0
Debian CVE
added 2024/07/09 12:0 a.m., 51 views

CVE-2024-5569

A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

CVSS 6.2, AI score 6.7, EPSS 0.00236
Exploits: 0
OSV
added 2024/07/08 9:31 p.m., 0 views

GHSA-36H2-G4C8-9XCM Aim denial of service vulnerability

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections...

CVSS 8.7, AI score 5.9, EPSS 0.00573
Exploits: 1, References: 4
IBM Security Bulletins
added 2024/07/08 8:30 p.m., 19 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities found in Java

Summary: There are multiple vulnerabilities in Java used by IBM Cloud Transformation Advisor: CVE-2021-46877, CVE-2021-0341, CVE-2021-35515, CVE-2021-35516, CVE-2024-30172. Vulnerability Details: CVEID: CVE-2021-46877. DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, cause...

CVSS 7.5, AI score 7.9, EPSS 0.12697
Exploits: 1, Affected Software: 1
OSV
added 2024/07/08 7:15 p.m., 4 views

CVE-2024-6227

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections...

CVSS 7.5, AI score 7.4
Exploits: 0, References: 1
RedHat Linux
added 2024/07/08 2:12 p.m., 23 views

Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 3.8.5 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information...

CVSS 7.5, AI score 6.7, EPSS 0.011
Exploits: 0, References: 76
IBM Security Bulletins
added 2024/07/08 9:39 a.m., 31 views

Security Bulletin: Apache Commons Compress vulnerability affect IBM Spectrum Control

Summary: Apache Commons Compress is vulnerable to a denial of service. This vulnerability affects IBM Spectrum Control. CVE-2024-25710, CVE-2024-26308, CVE-2023-42503. Vulnerability Details: CVEID: CVE-2024-25710. DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an...

CVSS 8.1, AI score 6.6, EPSS 0.00898
Exploits: 0, Affected Software: 1
Positive Technologies
added 2024/07/08 12:0 a.m., 4 views

PT-2024-5225

Name of the Vulnerable Software and Affected Versions: jaraco/zipp versions prior to 3.19.1. Description: A Denial of Service (DoS) issue exists in the jaraco/zipp library, triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile modu...

CVSS 6.9, AI score 6.7, EPSS 0.00236
Exploits: 0, References: 84
SUSE CVE
added 2024/07/05 3:39 a.m., 3 views

SUSE CVE-2023-39327

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal...

CVSS 3.3, AI score 6.6, EPSS 0.00528
Exploits: 0, References: 7
CNNVD
added 2024/07/04 12:0 a.m., 5 views

OpenJPEG Resource Management Error Vulnerability

OpenJPEG is an open source C-based JPEG2000 codec. OpenJPEG suffers from a resource management error vulnerability that originates from a malicious file that could cause the program to enter a loop...

CVSS 4.3, AI score 6.6, EPSS 0.00528
Exploits: 0, References: 5
Atlassian
added 2024/07/03 8:30 a.m., 36 views

DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and Server

This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 7.19.23, 8.5.10, 8.9.2 of Confluence Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

CVSS 7.5, AI score 6.7, EPSS 0.11879
Exploits: 0
Tenable Nessus
added 2024/07/03 12:0 a.m., 20 views

AlmaLinux 8 : container-tools (ALSA-2024:4246)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4246 advisory. golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)...

CVSS 7.5, AI score 7, EPSS 0.01262
Exploits: 0, References: 2
RedHat Linux
added 2024/07/02 4:23 p.m., 5 views

org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class

A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service...

CVSS 7.5, AI score 7.3, EPSS 0.00753
Exploits: 0, References: 5
RedHat Linux
added 2024/07/02 3:45 p.m., 30 views

Moderate: Red Hat Security Advisory: container-tools security update

An update for container-tools is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 7.5, AI score 6.7, EPSS 0.01262
Exploits: 0, References: 2
Tenable Nessus
added 2024/07/02 12:0 a.m., 64 views

RHEL 8 : container-tools (RHSA-2024:4246)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4246 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang-protobuf:...

CVSS 7.5, AI score 7.1, EPSS 0.01262
Exploits: 0, References: 5
Microsoft CVE
added 2024/06/30 2:0 p.m., 5 views

PHP mb_encode_mimeheader runs endlessly for some inputs

...

CVSS 7.5, AI score 8.5, EPSS 0.01924
Exploits: 1
RedHat Linux
added 2024/06/27 1:6 p.m., 4 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

CVSS 7.5, AI score 6.7, EPSS 0.01262
Exploits: 0, References: 7
OSV
added 2024/06/26 7:10 p.m., 13 views

GHSA-9344-P847-QM5C Low severity (DoS) vulnerability in sequoia-openpgp

There is a denial-of-service vulnerability in sequoia-openpgp, our crate providing a low-level interface to our OpenPGP implementation. When triggered, the process will enter an infinite loop. Many thanks to Andrew Gallagher for disclosing the issue to us. Impact Any software directly or indirect...

CVSS 2.9, AI score 6.2, EPSS 0.00361
Exploits: 1, References: 4
Github Security Blog
added 2024/06/26 7:10 p.m., 14 views

Low severity (DoS) vulnerability in sequoia-openpgp

There is a denial-of-service vulnerability in sequoia-openpgp, our crate providing a low-level interface to our OpenPGP implementation. When triggered, the process will enter an infinite loop. Many thanks to Andrew Gallagher for disclosing the issue to us. Impact Any software directly or indirect...

CVSS 7.5, AI score 6.2, EPSS 0.00361
Exploits: 1, References: 4, Affected Software: 1
RustSec
added 2024/06/26 12:0 p.m., 5 views

Low severity (DoS) vulnerability in sequoia-openpgp

There is a denial-of-service vulnerability in sequoia-openpgp, our crate providing a low-level interface to our OpenPGP implementation. When triggered, the process will enter an infinite loop. Many thanks to Andrew Gallagher for disclosing the issue to us. Impact Any software directly or indirect...

CVSS 7.5, AI score 7.1, EPSS 0.00361
Exploits: 1, Affected Software: 1