Lucene search
+L

158 matches found

osv
osv
added 2025/06/16 4:15 p.m.10 views

UBUNTU-CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

2.5CVSS5.8AI score0.00202EPSS
Exploits0References6
attackerkb
attackerkb
added 2025/06/16 3:24 p.m.2 views

CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

2.5CVSS5.8AI score0.00202EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2025/06/10 12:0 a.m.19 views

PT-2025-37210

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A buffer overflow issue was identified in the add tuning control function within the ALSA subsystem. The sprintf function call could exceed the allocated buffer size of 44 bytes if the...

3.5CVSS5.9AI score
Exploits0
ptsecurity
ptsecurity
added 2025/02/13 12:0 a.m.4 views

PT-2025-6712 · Effectmatrix · Effectmatrix Total Video Converter Command Line

Name of the Vulnerable Software and Affected Versions: Effectmatrix Total Video Converter Command Line TVCC version 2.50 Description: A stack-based buffer overflow issue exists when an overly long string is passed to the -f parameter. This can lead to memory corruption, potentially allowing...

5.5CVSS8.7AI score0.00264EPSS
Exploits0References5
cnnvd
cnnvd
added 2024/11/24 12:0 a.m.5 views

PHP 安全漏洞

PHP is a scripting language in which PHP is executed server-side. A security vulnerability exists in PHP. An attacker who exploits this vulnerability can cause an integer overflow by entering an uncontrolled long string into the ldapescape function, resulting in an out-of-bounds write. The...

9.8CVSS6.4AI score0.02079EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2024/08/19 12:0 a.m.6 views

PT-2024-30542 · Fugit +1 · Fugit +1

Name of the Vulnerable Software and Affected Versions: fugit versions prior to 1.11.1 Description: The fugit "natural" parser, which turns natural language into cron expressions, accepted any length of input and attempted to parse it without returning promptly. This could cause the parse call to...

7.5CVSS8.8AI score0.00792EPSS
Exploits0References26
bdu_fstec
bdu_fstec
added 2024/04/04 12:0 a.m.9 views

The vulnerability of the Range header analysis component in the module interface between web servers and web applications in Rack architecture allows a attacker to cause a service failure.

The vulnerability of the Range header analysis component in the module interface between web servers and web applications in Rack relates to the processing of input data, which can take an unexpected amount of time. Exploiting this vulnerability may allow a malicious actor to cause service failur...

7.8CVSS6.6AI score0.01626EPSS
Exploits0References8Affected Software4
osv
osv
added 2024/03/04 3:4 p.m.7 views

USN-6674-1 python-django vulnerability

Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

5.3CVSS6.8AI score0.01854EPSS
Exploits0References2
susecve
susecve
added 2024/02/21 3:29 a.m.5 views

SUSE CVE-2024-26134

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a...

7.5CVSS6.9AI score0.01167EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2024/01/24 12:0 a.m.4 views

PT-2024-20220 · Eserver · Ezserver

Name of the Vulnerable Software and Affected Versions: EzServer version 6.4.017 Description: The issue allows a denial of service daemon crash via a long string, such as one for the RNTO command. Recommendations: For EzServer version 6.4.017, consider restricting the length of input strings to...

7.5CVSS7.5AI score0.03574EPSS
Exploits1References7
redhatcve
redhatcve
added 2023/11/18 6:49 p.m.30 views

CVE-2023-46402

A flaw was found in the git-urls package. This issue occurs when a long input is provided inside the directory path of the git url. This could lead to loading delays or a regular expression denial of service...

4.3CVSS7.3AI score0.0085EPSS
Exploits1References3
prion
prion
added 2023/09/15 6:15 a.m.19 views

Design/Logic Flaw

An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service loss of communication...

7.5CVSS9AI score0.00731EPSS
Exploits0References2Affected Software1
susecve
susecve
added 2023/02/15 6:5 a.m.4 views

SUSE CVE-2009-0148

Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as 1 source-code tokens and 2 pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541...

9.3CVSS8.2AI score0.06765EPSS
Exploits1References3
susecve
susecve
added 2023/02/15 5:59 a.m.4 views

SUSE CVE-2010-1634

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service application crash via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a...

5CVSS8.6AI score0.04382EPSS
Exploits0References8
susecve
susecve
added 2023/02/15 5:43 a.m.4 views

SUSE CVE-2012-5959

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka uuid field within a...

10CVSS8.4AI score0.75796EPSS
Exploits2References3
susecve
susecve
added 2023/02/15 5:42 a.m.3 views

SUSE CVE-2013-0223

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function...

1.9CVSS7.2AI score0.00507EPSS
Exploits1References5
susecve
susecve
added 2023/02/15 3:25 a.m.5 views

SUSE CVE-2022-31631

In PHP versions 8.0. before 8.0.27, 8.1. before 8.1.15, 8.2. before 8.2.2 when using PDO::quote function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities...

6.9CVSS10AI score0.02134EPSS
Exploits0References8
veracode
veracode
added 2022/04/14 11:8 p.m.33 views

Denial Of Service (DoS)

go:edge is vulnerable to Denial Of Service DoS. A malicious user is able to cause an application to crash via long scalar input...

7.5CVSS9.5AI score0.04195EPSS
Exploits0References20Affected Software18
osv
osv
added 2022/01/03 1:15 p.m.3 views

CVE-2021-24893

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated...

7.5CVSS5.8AI score0.01553EPSS
Exploits2References1
osv
osv
added 2021/08/18 5:15 p.m.3 views

CVE-2021-23424

This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time...

7.5CVSS7.3AI score0.01981EPSS
Exploits1References3
Rows per page
Query Builder