
11154 matches found

Tenable Nessus
added 2024/06/03 12:0 a.m. | 18 views

RHEL 7 : qpdf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - qpdf: stack exhaustion in QPDFObjectHandle and QPDFDictionary classes in libqpdf.a CVE-2018-9918 - An iss...

CVSS 7.8 | AI score 6.2 | EPSS 0.01804
Exploits: 5 | References: 14
Tenable Nessus
added 2024/06/03 12:0 a.m. | 12 views

RHEL 7 : byacc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - byacc: malloc incorrectly accessing released memory leads to use after free CVE-2021-33641 - When a file ...

CVSS 7.8 | AI score 7.4 | EPSS 0.0027
Exploits: 0 | References: 2
Tenable Nessus
added 2024/06/03 12:0 a.m. | 18 views

RHEL 5 : librsvg2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c CVE-2017-11464 - The...

CVSS 7.8 | AI score 7.7 | EPSS 0.02427
Exploits: 0 | References: 4
Tenable Nessus
added 2024/06/03 12:0 a.m. | 17 views

RHEL 6 : freetype (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - freetype: Use of uninitialized memory CVE-2014-9746 - FreeType before 2.4.11 allows context-dependent...

CVSS 9.8 | AI score 7.7 | EPSS 0.03734
Exploits: 3 | References: 8
Tenable Nessus
added 2024/06/03 12:0 a.m. | 22 views

RHEL 8 : cairo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c CVE-2019-6462 - cairo...

CVSS 6.5 | AI score 7.3 | EPSS 0.02142
Exploits: 2 | References: 4
Tenable Nessus
added 2024/06/03 12:0 a.m. | 25 views

RHEL 7 : xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: audio: host memory leakage via capture buffer CVE-2017-8309 - The qemu implementation in libvirt...

CVSS 7.5 | AI score 6.5 | EPSS 0.04544
Exploits: 1 | References: 14
Tenable Nessus
added 2024/06/03 12:0 a.m. | 23 views

RHEL 6 : xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: net: ne2000: OOB memory access in ioport r/w functions CVE-2015-8743 - The qemu implementation in...

CVSS 7.5 | AI score 6.4 | EPSS 0.04544
Exploits: 0 | References: 15
Tenable Nessus
added 2024/06/03 12:0 a.m. | 14 views

RHEL 7 : kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 - Integer overflow in the VNC display driver...

CVSS 9.8 | AI score 8.9 | EPSS 0.06336
Exploits: 3 | References: 14
Tenable Nessus
added 2024/05/31 12:0 a.m. | 31 views

Amazon Linux 2 : amazon-cloudwatch-agent (ALAS-2024-2550)

The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300039.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2550 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an...

CVSS 7.5 | AI score 7.5 | EPSS 0.91969
Exploits: 1 | References: 6
RedHat Linux
added 2024/05/30 8:24 p.m. | 2 views

commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

A loop with an unreachable exit condition (infinite loop) vulnerability was found in Apache Commons Compress. This issue can lead to a denial of service...

CVSS 8.1 | AI score 6.8 | EPSS 0.00441
Exploits: 0 | References: 6
OSV
added 2024/05/30 12:19 p.m. | 8 views

SUSE-SU-2024:1865-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops bsc1224274 - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet bsc1224259 - CVE-2024-4855: Th...

CVSS 7.5 | AI score 6.7 | EPSS 0.00818
Exploits: 2 | References: 7
Amazon
added 2024/05/30 12:0 a.m. | 25 views

Medium: amazon-cloudwatch-agent

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

CVSS 7.5 | AI score 8.4 | EPSS 0.91969
Exploits: 1
BDU FSTEC
added 2024/05/29 12:0 a.m. | 3 views

The vulnerability of the aiohttp HTTP client, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.

The vulnerability of the aiohttp HTTP client is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

CVSS 7.8 | AI score 6.8 | EPSS 0.01085
Exploits: 0 | References: 8 | Affected Software: 2
Veracode
added 2024/05/28 4:55 a.m. | 12 views

Infinite Loop

org.soot-oss: soot is vulnerable to Infinite Loop. The vulnerability is due to the retrieveActiveBody function, which allows an attacker to maliciously craft a method to cause excessive resource consumption that can lead to Denial of Service...

CVSS 4.3 | AI score 6.7 | EPSS 0.00919
Exploits: 1 | References: 3 | Affected Software: 1
SUSE CVE
added 2024/05/28 3:34 a.m. | 4 views

SUSE CVE-2021-47406

In the Linux kernel, the following vulnerability has been resolved: ext4: add error checking to ext4_ext_replay_set_iblocks() If the call to ext4_map_blocks() fails due to a corrupted file system, ext4_ext_replay_set_iblocks() can get stuck in an infinite loop. This could be reproduced by running generic/526 wi...

CVSS 5.5 | AI score 6.4 | EPSS 0.0025
Exploits: 0 | References: 8
Amazon
added 2024/05/28 12:0 a.m. | 13 views

Medium: amazon-cloudwatch-agent

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

CVSS 7.5 | AI score 8.9 | EPSS 0.91969
Exploits: 1
BDU FSTEC
added 2024/05/27 12:0 a.m. | 3 views

The vulnerability of the `protojson.Unmarshal()` function in the Golang-Google-Protobuf programming language lies in a loop with an unreachable termination condition. This allows attackers to trigger a denial-of-service attack.

The vulnerability of the protojson.Unmarshal function in the Golang Google Protobuf programming language is related to an infinite loop that occurs during the unmarshaling of certain JSON formats. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 5.9 | AI score 6.5 | EPSS 0.01262
Exploits: 0 | References: 8 | Affected Software: 5
Github Security Blog
added 2024/05/24 8:9 p.m. | 24 views

Soot Infinite Loop vulnerability

An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS)...

CVSS 4.3 | AI score 6.7 | EPSS 0.00919
Exploits: 1 | References: 4 | Affected Software: 1
OSV
added 2024/05/24 8:9 p.m. | 10 views

GHSA-HFG7-J82C-FR3W Soot Infinite Loop vulnerability

An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS)...

CVSS 7.5 | AI score 4.4 | EPSS 0.00919
Exploits: 1 | References: 3
OSV
added 2024/05/24 5:15 p.m. | 2 views

CVE-2023-46442

An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS)...

CVSS 4.3 | AI score 5.8 | EPSS 0.00919
Exploits: 1 | References: 2