Lucene search
K

1147 matches found

RedhatCVE
RedhatCVE
added 2026/07/01 4:38 a.m.9 views

CVE-2026-40989

A flaw was found in Spring Cloud Function. An attacker could send a specially crafted request that triggers infinite recursion in the routing layer. This can lead to an Out Of Memory OOM error, causing a Denial of Service DoS condition where the application becomes unresponsive...

6.5CVSS5.7AI score0.00211EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.16 views

Astra Linux – Vulnerability in libxml2

A flaw was discovered in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function, where an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by...

5.9CVSS5.8AI score0.00755EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a potential security issue involving infinite recursion in the MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 addresses this issue...

5.5CVSS5.2AI score0.00161EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens Ruggedcom Rox Uncontrolled Recursion (CVE-2019-13103)

A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data. This plugin only works with Tenable.ot. Please visit...

7.1CVSS6.7AI score0.00404EPSS
Exploits0References3
CVE
CVE
added 2026/06/12 10:7 p.m.21 views

CVE-2025-7005

CVE-2025-7005 describes an uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file, potentially causing denial-of-service of the antivirus process. Affected products include Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business A...

5.5CVSS5.4AI score0.00111EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 10:7 p.m.34 views

CVE-2025-7005 Avast antivirus infinite recursion when scanning a malformed PE file

Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for vir...

5.5CVSS0.00111EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 10:7 p.m.8 views

CVE-2025-7005 Avast antivirus infinite recursion when scanning a malformed PE file

Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for vir...

5.5CVSS5.3AI score0.00111EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.8 views

EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2026-2055)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not...

6.2CVSS5.8AI score0.00755EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2026-2028)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not...

6.2CVSS5.8AI score0.00755EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.14 views

RHEL 7 : libxml2 (RHSA-2026:22420)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22420 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite...

6.2CVSS5.6AI score0.00144EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.9 views

CVE-2026-49941

Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to single IP addresses and passed back to itself as a 32-bit or 128-bit...

7.5CVSS5.4AI score0.00329EPSS
Exploits0References1
Veracode
Veracode
added 2026/06/05 12:41 p.m.13 views

Denial Of Service (DoS)

Spring Cloud Function is vulnerable to Denial of Service DoS. The vulnerability is due to infinite recursion in the routing layer, where specially crafted routing configurations or requests can trigger unbounded recursive processing, leading to excessive memory consumption and potentially causing...

6.5CVSS5.4AI score0.00211EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 4:7 p.m.38 views

CVE-2026-49941 Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses

Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to single IP addresses and passed back to itself as a 32-bit or 128-bit...

0.00329EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 4:7 p.m.9 views

CVE-2026-49941 Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses

Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to single IP addresses and passed back to itself as a 32-bit or 128-bit...

5.8AI score0.00329EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 4:7 p.m.11 views

EUVD-2026-34298

Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to single IP addresses and passed back to itself as a 32-bit or 128-bit...

7.5CVSS5.8AI score0.00329EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/04 2:38 p.m.19 views

Strawberry GraphQL has a Circular Fragment Reference DOS

Summary The QueryDepthLimiter extension is vulnerable to an Application-level DOS due to a lack of cycle detection in fragment spreads. When a query contains circular fragment references the determinedepth function enters an infinite recursion, leading to a RecursionError and crashing the...

5.3CVSS5.8AI score0.00296EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:6 p.m.7 views

CVE-2026-47706

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.71.0 through 0.315.6, the QueryDepthLimiter extension is vulnerable to an Application-level DOS due to a lack of cycle detection in fragment spreads. When a query contains circular fragment references the determinedepth...

5.3CVSS5.8AI score0.00296EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Net::CIDR::Set 安全漏洞

Net::CIDR::Set is a Perl network address management library developed by RRWO’s individual developers. Versions of Net::CIDR::Set prior to 0.20 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification of IP addresses. The add method called the encode method ...

7.5CVSS5.2AI score0.00329EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.11 views

AIX : Multiple Vulnerabilities (IJ58124)

The version of AIX installed on the remote host is prior to APAR IJ58124. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58124 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...

7.5CVSS5.6AI score0.00755EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2026/06/02 7:43 a.m.13 views

libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c

A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map', leading to stack exhaustion and a local denial of service...

6.2CVSS5.7AI score0.00144EPSS
Exploits0References6
Rows per page
Query Builder