RHEL 7 : qpdf (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - qpdf: stack exhaustion in QPDFObjectHandle and QPDFDictionary classes in libqpdf.a (CVE-2018-9918) - An iss...
RHEL 7 : byacc (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - byacc: malloc incorrectly accessing released memory leads to use after free (CVE-2021-33641) - When a file ...
RHEL 5 : librsvg2 (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c (CVE-2017-11464) - The...
RHEL 6 : freetype (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - freetype: Use of uninitialized memory (CVE-2014-9746) - FreeType before 2.4.11 allows context-dependent...
RHEL 8 : cairo (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c (CVE-2019-6462) - cairo...
RHEL 7 : xen (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: audio: host memory leakage via capture buffer (CVE-2017-8309) - The qemu implementation in libvirt...
RHEL 6 : xen (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: net: ne2000: OOB memory access in ioport r/w functions (CVE-2015-8743) - The qemu implementation in...
RHEL 7 : kvm (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: net: buffer overflow in MIPSnet emulator (CVE-2016-4002) - Integer overflow in the VNC display driver...
Amazon Linux 2 : amazon-cloudwatch-agent (ALAS-2024-2550)
The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300039.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2550 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an...
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
A loop with an unreachable exit condition ("Infinite Loop") vulnerability was found in Apache Commons Compress. This issue can lead to a denial of service...
SUSE-SU-2024:1865-1 Security update for wireshark
This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops (bsc#1224274) - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet (bsc#1224259) - CVE-2024-4855: Th...
Medium: amazon-cloudwatch-agent
Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...
The vulnerability of the aiohttp HTTP client, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.
The vulnerability of the aiohttp HTTP client is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
Infinite Loop
org.soot-oss: soot is vulnerable to Infinite Loop. The vulnerability is due to the retrieveActiveBody function, which allows an attacker to maliciously craft a method to cause excessive resource consumption that can lead to Denial of Service...
SUSE CVE-2021-47406
In the Linux kernel, the following vulnerability has been resolved: ext4: add error checking to ext4_ext_replay_set_iblocks. If the call to ext4_map_blocks fails due to a corrupted file system, ext4_ext_replay_set_iblocks can get stuck in an infinite loop. This could be reproduced by running generic/526 wi...
The vulnerability of the `protojson.Unmarshal()` function in the Golang-Google-Protobuf programming language lies in a loop with an unreachable termination condition. This allows attackers to trigger a denial-of-service attack.
The vulnerability of the protojson.Unmarshal function in the Golang Google Protobuf programming language is related to an infinite loop that occurs during the unmarshaling of certain JSON formats. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Soot Infinite Loop vulnerability
An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS)...
GHSA-HFG7-J82C-FR3W Soot Infinite Loop vulnerability
An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS)...
CVE-2023-46442
An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS)...