Lucene search
K

5610 matches found

Redos
Redos
added 2025/08/18 12:0 a.m.4 views

ROS-20250818-06

A vulnerability in the fs/hfs.c file of the hfs component of the Grub2 operating system boot loader is related to writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code in the context of the current user using a speciall...

8.8CVSS8.9AI score0.01373EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-19777

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbiloadmain. CVE-2019-19777 Note that...

8.8CVSS7.7AI score0.01404EPSS
Exploits1References2
OSV
OSV
added 2025/08/16 12:30 p.m.3 views

GHSA-V6CF-MV9H-C8MC Bouncy Castle for Java Uncontrolled Resource Consumption Vulnerability

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...

1CVSS5.9AI score0.00137EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/08/16 12:30 p.m.9 views

Bouncy Castle for Java Uncontrolled Resource Consumption Vulnerability

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...

1CVSS7.2AI score0.00137EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/08/16 11:15 a.m.7 views

CVE-2025-9092

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...

1CVSS0.00137EPSS
Exploits0References1
Snyk
Snyk
added 2025/08/16 10:47 a.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via org.Bouncycastle.Crypto.Fips.NativeLoader. An attacker can cause excessive resource allocation by deploying hybrid modules in multi-JVM environments, potentially leading to resour...

1.9CVSS7AI score0.00137EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/16 10:47 a.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via org.Bouncycastle.Crypto.Fips.NativeLoader. An attacker can cause excessive resource allocation by deploying hybrid modules in multi-JVM environments, potentially leading to resour...

1.9CVSS7AI score0.00137EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/16 10:29 a.m.3 views

CVE-2025-9092 Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...

1CVSS7.2AI score0.00137EPSS
Exploits0References1
CVE
CVE
added 2025/08/16 10:29 a.m.60 views

CVE-2025-9092

CVE-2025-9092 is an Uncontrolled Resource Consumption issue affecting Bouncy Castle for Java – BC-FJA 2.1.0 bc-fips (API modules), with the vulnerable component identified as org.Bouncycastle.Crypto.Fips.NativeLoader. Public sources (NVD/IBM bulletin) confirm the affected delivery from BC-FJA 2.1...

1CVSS6.6AI score0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/16 12:0 a.m.4 views

Bouncy Castle Java 安全漏洞

Bouncy Castle Java is a cryptographic algorithm program open-sourced by Legion of the Bouncy Castle Inc. A security vulnerability exists in Bouncy Castle Java version 2.1.0, which stems from a resource over-allocation issue in the org.Bouncycastle.Crypto.Fips.NativeLoader file...

1CVSS6.8AI score0.00137EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/16 12:0 a.m.6 views

PT-2025-33545 · Unknown · Bouncy Castle For Java - Bc-Fja

Name of the Vulnerable Software and Affected Versions: Bouncy Castle for Java - BC-FJA versions 2.1.0 through 2.1.0 Description: An uncontrolled resource consumption issue exists in Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules that allows excessive allocation. The issue is associated...

1CVSS6AI score0.00137EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2025/08/15 4:20 p.m.11 views

Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools

A Chinese-speaking advanced persistent threat APT actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talo...

7.7AI score
Exploits0
Talos Blog
Talos Blog
added 2025/08/15 10:0 a.m.18 views

UAT-7237 targets Taiwanese web hosting infrastructure

Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat APT group active since at least 2022, which has significant overlaps with UAT-5918. UAT-7237 conducted a recent intrusion targeting web infrastructure entities within Taiwan and relies heavily on the use of open-source...

8.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in meteor-fomalhaut-izar-sass-loader (npm)

The package meteor-fomalhaut-izar-sass-loader was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in ichnology-less-loader-eigenstate-asthenosphere (npm)

The package ichnology-less-loader-eigenstate-asthenosphere was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in metalsmith-grus-less-loader-gridsome (npm)

The package metalsmith-grus-less-loader-gridsome was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in sublimation-radiant-less-loader-ablation (npm)

The package sublimation-radiant-less-loader-ablation was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in altair-helios-start-sass-loader (npm)

The package altair-helios-start-sass-loader was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in sass-loader-jupiter-coronalmassejection-filament (npm)

The package sass-loader-jupiter-coronalmassejection-filament was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in com.unity.xrtools.module-loader (npm)

The package com.unity.xrtools.module-loader was found to contain malicious code...

7AI score
Exploits0
Rows per page
Query Builder