Lucene search
+L

34 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.11 views

EUVD-2024-17652

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00299EPSS
Exploits1References1
nessus
nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-23836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an...

7.5CVSS7.1AI score0.01164EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/01/06 4:19 a.m.14 views

CVE-2024-56332

A flaw was found in Next.js package. A denial of service DoS attack allows attackers to construct requests that leave requests to Server Actions hanging until the hosting provider cancels the function execution. The Next.js server is idle during that time and only keeps the connection open. The C...

5.3CVSS6.8AI score0.00807EPSS
Exploits0References4
osv
osv
added 2024/03/09 1:15 a.m.7 views

AZL-35877 CVE-2024-28180 affecting package containerd for versions less than 1.7.13-6

Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if t...

4.3CVSS6.4AI score0.01956EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/03/07 12:0 a.m.7 views

PT-2024-2050

Name of the Vulnerable Software and Affected Versions go-jose versions prior to 2.6.3 go-jose versions prior to 3.0.3 go-jose versions prior to 4.0.1 Description The issue is related to the incorrect handling of highly compressed input data in the go-jose package, which implements the Javascript...

10CVSS8.5AI score0.93305EPSS
Exploits16References305
snyk
snyk
added 2023/09/12 7:57 p.m.5 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...

6.5CVSS7AI score0.04661EPSS
Exploits0References2
prion
prion
added 2023/02/20 4:15 p.m.18 views

Design/Logic Flaw

notation-go is a collection of libraries for supporting Notation sign, verify, push, and pull of oci artifacts. Prior to version 1.0.0-rc.3, notation-go users will find their application using excessive memory when verifying signatures. The application will be killed, and thus availability is...

5CVSS7.5AI score0.0044EPSS
Exploits0References2Affected Software1
osv
osv
added 2022/12/27 10:15 p.m.5 views

AZL-40841 CVE-2022-3064 affecting package packer for versions less than 1.9.5-1

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...

7.5CVSS7.1AI score0.017EPSS
Exploits0References1
attackerkb
attackerkb
added 2022/08/31 12:0 a.m.5 views

CVE-2022-36773

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233571...

8.1CVSS5.8AI score0.01489EPSS
Exploits0References4Affected Software1
redhat
redhat
added 2022/05/18 1:29 a.m.2 views

dotnet: malicious content causes high CPU and memory usage

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that man...

7.5CVSS5.8AI score0.04913EPSS
Exploits0References5
redhat
redhat
added 2020/07/01 6:46 p.m.7 views

envoy: Resource exhaustion when processing HTTP/1.1 headers with long field names

An uncontrolled resource consumption vulnerability was found in Envoy. This flaw allows an attacker to craft many HTTP requests with long field names or URLs to cause the proxy to consume excessive amounts of memory, potentially resulting in a denial of service. The highest threat from this...

7.5CVSS7.1AI score0.01448EPSS
Exploits0References5
nessus
nessus
added 2019/12/31 12:0 a.m.33 views

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K76328112)

BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subject to excessive flow usage under undisclosed conditions. CVE-2019-6683 Impact This vulnerability is present only on BIG-IP Virtual Edition VE systems with limited bandwidth licenses. BIG-IP VE products with...

7.5CVSS7.2AI score0.01014EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2016/03/13 6:59 p.m.23 views

CVE-2016-1970

Integer underflow in the srtpunprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

8.8CVSS7.2AI score0.0172EPSS
Exploits0References2
myhack58
myhack58
added 2008/05/18 12:0 a.m.26 views

From the flowers began to scold kill free-vulnerability warning-the black bar safety net

The topic you read that right, and indeed from the flower began to scoldfree kill. Why you want to scold it, in fact because of recent school bored, so using a mobile phone on the QQ scurry. Not is I which nerve dislocation, is looking for a to teachfree killchat updon't ask me how I make him tal...

6.7AI score
Exploits0
Rows per page
Query Builder