253 matches found
EUVD-2025-201460
Nextcloud Twofactor WebAuthn is the WebAuthn Two-Factor Provider for Nextcloud. Prior to 1.4.2 and 2.4.1, a missing ownership check allowed an attack to take-away a 2FA webauthn device when correctly guessing a 80-128 character long random string of letters, numbers and symbols. The victim would...
CVE-2025-66558 Nextcloud Twofactor WebAuthn app was updated based on public key
Nextcloud Twofactor WebAuthn is the WebAuthn Two-Factor Provider for Nextcloud. Prior to 1.4.2 and 2.4.1, a missing ownership check allowed an attack to take-away a 2FA webauthn device when correctly guessing a 80-128 character long random string of letters, numbers and symbols. The victim would...
WebAuthn app was updated based on public key
None...
Security update for python-cbor2 (important)
openSUSE security update: security update for python-cbor2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20133-1 Rating: important References: bsc1220096 bsc1253746 Cross-References: CVE-2024-26134 CVE-2025-64076 CVSS scores: CVE-2025-64076 SUSE :...
SUSE-SU-2025:21168-1 Security update for python-cbor2
This update for python-cbor2 fixes the following issues: - CVE-2025-64076: Fixed bug in decodedefinitelongstring that causes incorrect chunk length calculation bsc1253746. Already fixed in release 5.6.3: - CVE-2024-26134: Fixed potential crash when hashing a CBORTag bsc1220096...
OPENSUSE-SU-2025:20133-1 Security update for python-cbor2
This update for python-cbor2 fixes the following issues: - CVE-2025-64076: Fixed bug in decodedefinitelongstring that causes incorrect chunk length calculation bsc1253746. Already fixed in release 5.6.3: - CVE-2024-26134: Fixed potential crash when hashing a CBORTag bsc1220096...
CVE-2025-64076
A flaw was found in cbor2. This vulnerability allows denial of service through process crashes or memory exhaustion via sending specially-crafted CBOR data containing definite-length text strings with multi-byte UTF-8 characters...
AZL-70516 CVE-2025-64076 affecting package python-cbor2 5.6.5-2
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decodedefinitelongstring function of the C extension decoder source/decoder.c: 1 Integer Underflow Leading to Out-of-Bounds Read CWE-191, CWE-125: An incorrect variable reference and missing state reset in the chunk processing...
CVE-2025-64076
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decodedefinitelongstring function of the C extension decoder source/decoder.c: 1 Integer Underflow Leading to Out-of-Bounds Read CWE-191, CWE-125: An incorrect variable reference and missing state reset in the chunk processing...
EUVD-2025-198054
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decodedefinitelongstring function of the C extension decoder source/decoder.c: 1 Integer Underflow Leading to Out-of-Bounds Read CWE-191, CWE-125: An incorrect variable reference and missing state reset in the chunk processing...
EUVD-2014-9434
Malware in sbrugna...
EUVD-2001-0694
Malware in sbrugna...
EUVD-2007-2318
Malware in sbrugna...
EUVD-2012-5916
Malware in sbrugna...
EUVD-2000-0857
Malware in sbrugna...
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
...
ROS-20250929-04
Vulnerability of MultipartStream class of the Commons FileUpload library exists due to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service consumption of computational resources using a long string...
Linux Distros Unpatched Vulnerability : CVE-2019-9211
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a reachable assertion abort in the function writelongstringmissingvalues in data/sys-file- writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to...
An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.
...
BIT-DJANGO-2025-26699
An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings...