11154 matches found

OSV
added 2024/05/14 3:45 p.m., 2 views

UBUNTU-CVE-2024-4854

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

CVSS 7.5, AI score 7, EPSS 0.00818
Exploits 0, References 6

OSV
added 2024/05/14 3:32 p.m., 8 views

GHSA-M44J-CFRM-G8QC Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

CVSS 6.9, AI score 6.9, EPSS 0.00753
Exploits 0, References 8

GitHub Security Blog
added 2024/05/14 3:32 p.m., 34 views

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

CVSS 7.5, AI score 7.5, EPSS 0.00753
Exploits 0, References 9, Affected Software 8

NVD
added 2024/05/14 3:21 p.m., 28 views

CVE-2024-30172

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

CVSS 7.5, AI score 7.5, EPSS 0.00753
Exploits 0, References 2

RedHat Linux
added 2024/05/14 9:07 a.m., 6 views

commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

A loop with unreachable exit condition (infinite loop) vulnerability was found in Apache Commons Compress. This issue can lead to a denial of service...

CVSS 8.1, AI score 6.8, EPSS 0.00441
Exploits 0, References 6

OSV
added 2024/05/14 7:18 a.m., 21 views

BIT-GOLANG-2024-24788 Malformed DNS message can cause infinite loop in net

A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop...

CVSS 5.9, AI score 6.4, EPSS 0.01001
Exploits 0, References 8

Cvelist
added 2024/05/14 12:03 a.m., 29 views

CVE-2024-4854 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

CVSS 6.4, AI score 6.9, EPSS 0.00818
Exploits 0, References 4

CNNVD
added 2024/05/14 12:00 a.m., 2 views

Bouncy Castle Security Vulnerability

Bouncy Castle is a collection of cryptography APIs organized by Bouncy Castle. It includes APIs for the Java and C programming languages. A security vulnerability exists in the Bouncy Castle Java Cryptography APIs prior to version 1.78, which stems from an infinite loop in the Ed25519 verification code...

CVSS 7.5, AI score 6.7, EPSS 0.00753
Exploits 0, References 3

GitLab Advisory Database
added 2024/05/14 12:00 a.m., 23 views

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

CVSS 7.5, AI score 7.5, EPSS 0.00753
Exploits 0, References 9

GitLab Advisory Database
added 2024/05/14 12:00 a.m., 24 views

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

CVSS 7.5, AI score 7.5, EPSS 0.00753
Exploits 0, References 9

Tenable Nessus
added 2024/05/14 12:00 a.m., 36 views

Rocky Linux 9 : edk2 (RLSA-2024:2264)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2264 advisory. - EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a local network...

CVSS 8.8, AI score 7.7, EPSS 0.05533
Exploits 1, References 17

Tenable Nessus
added 2024/05/13 12:00 a.m., 19 views

FreeBSD : go -- net: malformed DNS message can cause infinite loop (d3847eba-114b-11ef-9c21-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d3847eba-114b-11ef-9c21-901b0e9408dc advisory. - A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an...

CVSS 5.9, AI score 7.4, EPSS 0.01001
Exploits 0, References 3

IBM Security Bulletins
added 2024/05/11 4:55 p.m., 53 views

Security Bulletin: IBM Storage Fusion is vulnerable to denial of service due to Apache Commons Compress and ion-java.

Summary: commons-compress and ion-java are used by IBM Storage Fusion as part of the Backup and Restore service and may be vulnerable to the CVEs listed below: CVE-2024-26308, CVE-2024-25710, CVE-2024-21634. Vulnerability Details: CVEID: CVE-2024-26308. DESCRIPTION: Apache Commons Compress is vulnerab...

CVSS 8.1, AI score 7, EPSS 0.00898
Exploits 0, Affected Software 1

Tenable Nessus
added 2024/05/11 12:00 a.m., 21 views

RHEL 7 : samba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - samba: Symlink race error can allow directory creation outside of the exported share CVE-2021-43566 -...

AI score 7.5, EPSS 0.62606
Exploits 3, References 12

Tenable Nessus
added 2024/05/11 12:00 a.m., 23 views

RHEL 8 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nasm: use-after-free in pastetokens in asm/preproc.c CVE-2019-8343 - NASM nasm-2.13.03 nasm- 2.14rc15...

AI score 7.6, EPSS 0.05166
Exploits 18, References 17

Tenable Nessus
added 2024/05/11 12:00 a.m., 13 views

RHEL 6 : byacc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - byacc: malloc incorrectly accessing released memory leads to use after free CVE-2021-33641 - When a file ...

AI score 7.4, EPSS 0.0027
Exploits 0, References 2

Tenable Nessus
added 2024/05/11 12:00 a.m., 9 views

RHEL 8 : rubygem-asciidoctor (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-asciidoctor: Infinite loop in the nextblock method CVE-2018-18385 Note that Nessus has not tested for this...

AI score 7.3, EPSS 0.0225
Exploits 1, References 1

Tenable Nessus
added 2024/05/11 12:00 a.m., 18 views

RHEL 6 : libxpm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXpm: Out-of-bounds write in XPM extension parsing CVE-2016-10164 - A flaw was found in libXpm. When...

AI score 7.4, EPSS 0.07528
Exploits 2, References 6

Tenable Nessus
added 2024/05/11 12:00 a.m., 13 views

RHEL 6 : rubygems (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rubygems: Improper verification of signatures in tarball allows to install mis-signed gem CVE-2018-100007...

AI score 8, EPSS 0.29442
Exploits 5, References 13

Tenable Nessus
added 2024/05/11 12:00 a.m., 31 views

RHEL 5 : quagga (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - quagga: VPNv4 NLRI parser memcpys to stack on unchecked length CVE-2016-2342 - quagga: Double free...

AI score 8.9, EPSS 0.39045
Exploits 0, References 8