Lucene search
K

143 matches found

OSV
OSV
added 2025/07/11 12:21 p.m.5 views

OESA-2025-1779 nbdkit security update

NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...

6.5CVSS6.7AI score0.0037EPSS
Exploits0References3
OSV
OSV
added 2025/07/11 12:21 p.m.5 views

OESA-2025-1778 nbdkit security update

NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...

6.5CVSS6.7AI score0.0037EPSS
Exploits0References3
OSV
OSV
added 2025/07/11 12:21 p.m.5 views

OESA-2025-1777 nbdkit security update

NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...

6.5CVSS6.7AI score0.0037EPSS
Exploits0References3
OSV
OSV
added 2025/06/09 6:15 a.m.9 views

AZL-63878 CVE-2025-47711 affecting package nbdkit for versions less than 1.35.3-4

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...

6.5CVSS5.8AI score0.00361EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/06/09 6:15 a.m.3 views

CVE-2025-47711

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...

6.5CVSS6.3AI score0.00361EPSS
Exploits0References4Affected Software5
ATTACKERKB
ATTACKERKB
added 2025/06/09 6:15 a.m.2 views

CVE-2025-47712

A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service...

6.5CVSS6.2AI score0.0037EPSS
Exploits0References4Affected Software5
OSV
OSV
added 2025/06/09 6:15 a.m.5 views

AZL-63801 CVE-2025-47711 affecting package nbdkit for versions less than 1.35.3-7

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...

6.5CVSS6.2AI score0.00361EPSS
Exploits0References1
OSV
OSV
added 2025/06/09 6:15 a.m.7 views

AZL-63875 CVE-2025-47712 affecting package nbdkit for versions less than 1.35.3-4

A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service...

6.5CVSS5.7AI score0.0037EPSS
Exploits0References1
OSV
OSV
added 2025/06/09 6:15 a.m.2 views

DEBIAN-CVE-2025-47711

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...

6.5CVSS5.5AI score0.00361EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.7 views

PT-2025-50084

Name of the Vulnerable Software and Affected Versions Qualcomm embedded platform firmware affected versions not specified Description A flaw exists in the Qualcomm embedded platform firmware related to an integer overflow. Exploitation may allow an attacker to cause a denial-of-service condition...

7.8CVSS6.7AI score0.00079EPSS
Exploits0References8
Packet Storm News
Packet Storm News
added 2025/05/15 12:0 a.m.4 views

Cutting through Privacy: a Hyperplane-Based Data Reconstruction Attack in Federated Learning

Federated Learning FL enables collaborative training of machine learning models across distributed clients without sharing raw data, ostensibly preserving data privacy. Nevertheless, recent studies have revealed critical vulnerabilities in FL, showing that a malicious central server can manipulat...

7.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/05/13 11:39 p.m.3 views

SUSE CVE-2025-47711

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...

6.5CVSS6.9AI score0.00361EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2025/04/12 3:31 a.m.4 views

SUSE CVE-2025-1386

When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream...

5.3CVSS6.8AI score0.00342EPSS
Exploits0References4
Snyk
Snyk
added 2025/03/28 9:41 p.m.5 views

Missing Release of Memory after Effective Lifetime

Overview org.infinispan:infinispan-server-rest is an Infinispan Rest Server. Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the REST compare API. A user can trigger an OutOfMemoryError by sending many requests with large 1 MiB POST data ...

7.1CVSS6.9AI score0.00445EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/22 12:4 p.m.14 views

CVE-2024-10650

An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...

7.5CVSS7.1AI score0.0067EPSS
Exploits2References1
Snyk
Snyk
added 2025/03/20 12:32 p.m.3 views

Excessive Data Query Operations in a Large Data Table

Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Excessive Data Query Operations in a Large Data Table through the tracking and simultaneous querying of a large number of Text objects via the web API. An attacker ca...

8.7CVSS6.9AI score0.0059EPSS
Exploits1References2
NVD
NVD
added 2025/03/20 10:15 a.m.10 views

CVE-2024-10650

An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...

7.5CVSS0.0067EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/20 10:11 a.m.7 views

CVE-2024-10650 Denial of Service (DoS) in gaizhenbiao/chuanhuchatgpt

An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...

7.5CVSS7.7AI score0.0067EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/20 10:11 a.m.20 views

CVE-2024-10650 Denial of Service (DoS) in gaizhenbiao/chuanhuchatgpt

An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...

7.5CVSS0.0067EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/19 10:24 p.m.12 views

CVE-2025-29910

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A memory leak vulnerability was identified in the...

7.5CVSS7AI score0.0046EPSS
Exploits1References1
Rows per page
Query Builder