1139 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-1436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads...
Linux Distros Unpatched Vulnerability : CVE-2022-23901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc. CVE-2022-23901 Note that Nessus relies on the presence of the package...
Linux Distros Unpatched Vulnerability : CVE-2017-16932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. CVE-2017-16932 Note that Nessus relies on the presence of the packag...
Linux Distros Unpatched Vulnerability : CVE-2018-6196
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent...
Linux Distros Unpatched Vulnerability : CVE-2019-17450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - find_abstract_instance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2019-19645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE...
codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service DoS...
SUSE CVE-2023-2663
In Xpdf 4.04 and earlier, a PDF object loop in the page label tree leads to infinite recursion and a stack overflow...
SUSE CVE-2023-2664
In Xpdf 4.04 and earlier, a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow...
A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc.
LangChain < 0.2.5 DoS
The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a Denial-of-Service DoS vulnerability in the SitemapLoader class. The parse_sitemap method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion...
Advisory ROSA-SA-2024-2536
software: re2c 3.1 AXIS: ROSA-CHROME packageevrstring: re2c-3.1-1 CVE-ID: CVE-2022-23901 BDU-ID: None CVE-Crit: CRITICAL. CVE-DESC.: The re2c 2.2 stack overflow is due to infinite recursion issues in src/dfa/dead_rules.cc. CVE-STATUS: Fixed CVE-REV: To close, run the command: sudo dnf update re2c...
kernel: ipv6: Fix infinite recursion in fib6_dump_done().
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6_dump_done(). The Linux kernel CVE team has assigned CVE-2024-35886 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051946-CVE-2024-35886-19d4@gregkh/T...
Denial of Service(DOS) in KnowledgeBaseWebReader
Target Target Description KnowledgeBaseWebReader class recursively calls getarticleurls method. If the attacker can control a url variable to contain the root URL, it can lead to infinite recursive calls involving the same root URL repeatedly. This would cause a Denial of Service DoS scenario,...
Unbreakable Enterprise kernel security update
4.1.12-124.90.3 - SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int Dai Ngo Orabug: 37055439 4.1.12-124.90.2 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc Justin Tee Orabug: 36643241 CVE-2024-35930 - scsi: qla2xxx: Fix command flush on cable pull Quinn Tran...
Security Bulletin: Vulnerabilities in Jettison affect IBM watsonx.data
Summary Jettison is vulnerable to denial of service attacks. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-40150 DESCRIPTION: jettison-json Jettison is vulnerable to a denial of service, caused by an out of memory flaw. By sending a specially-crafted XML or JSON data, a remote...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the parsing of nested groups or series of SGROUP tags as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields. An attacker can cause infinite recursi...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2394)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : kernel:ACPI: CPPC: Use access_width over bit_width for system memory accesses CVE-2024-35995 ACPI: LPIT: Avoid u32 multiplication...
Security Bulletin: Vulnerability in Netty affects watsonx.data
Summary Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-41881 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder. B...
Wireshark CLDAP Dissector Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wireshark CLDAP Dissector DOS', 'Description' = %q This module causes infinite recursion to occur within the CLDAP dissector by sending a special...