62 matches found
CVE-2026-31645
A flaw was found in the Linux kernel's lan966x network driver. This vulnerability, a page pool leak, occurs when certain error paths in the lan966xfdmarxalloc and lan966xfdmainit functions fail to properly destroy allocated page pools. This oversight can lead to a gradual depletion of system memo...
Allocation of Resources Without Limits or Throttling
Overview github.com/coredns/coredns/core/dnsserver is a package that implements all the interfaces from Caddy, so that CoreDNS can be a servertype plugin. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of resource-limiting...
OESA-2025-2666 lasso security update
The package is a implements the Liberty Alliance Single Sign On standards library, includeing the SAML2 and SAML specifications. it provides bindings for multiple languages.and allows to handle the whole life-cycle of SAML based Federations. Security Fixes: A denial of service vulnerability exist...
OESA-2025-2662 lasso security update
The package is a implements the Liberty Alliance Single Sign On standards library, includeing the SAML2 and SAML specifications. it provides bindings for multiple languages.and allows to handle the whole life-cycle of SAML based Federations. Security Fixes: A denial of service vulnerability exist...
SUSE CVE-2025-46784
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...
CVE-2025-46784
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this...
CVE-2025-46784
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...
AZL-69860 CVE-2025-46784 affecting package lasso 2.8.0-1
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...
CVE-2025-46784
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...
AZL-69847 CVE-2025-46784 affecting package lasso for versions less than 2.9.0-1
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...
UBUNTU-CVE-2025-46784
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...
CVE-2025-46784
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...
CVE-2025-46784
The connected advisories confirm CVE-2025-46404, CVE-2025-46705, CVE-2025-46784 and CVE-2025-47151 affect the lasso library (Entr'ouvert Lasso / liblasso) used for Liberty/SAML processing. Descriptions show a mix of denial-of-service via malformed SAML responses causing memory depletion or crashe...
CVE-2025-46784
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...
Entr'ouvert Lasso lasso_node_init_from_message_with_format denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2195 Entr'ouvert Lasso lassonodeinitfrommessagewithformat denial of service vulnerability November 5, 2025 CVE Number CVE-2025-46784 SUMMARY A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso...
PT-2025-45109
Name of the Vulnerable Software and Affected Versions Entr'ouvert Lasso version 2.5.1 Description A denial of service issue exists in the lasso node init from message with format functionality. A specially crafted SAML response can cause memory depletion, leading to a denial of service. An attack...
EUVD-2020-24461
Malware in sbrugna...
EUVD-2017-3788
Malware in sbrugna...
PT-2025-32009 · Unknown +1 · Security-Kit +1
Name of the Vulnerable Software and Affected Versions: Vision UI versions 1.4.0 and below Description: The generateSecureId and getSecureRandomInt functions within the security-kit component versions prior to 3.5.0, packaged in Vision UI 1.4.0 and below are susceptible to Denial of Service DoS...
Redis 安全漏洞
Redis is an open source, ANSI C, web-enabled, memory-based, persistent logging, key-value Key-Value storage database from Redis, Inc. with a multilingual API. A security vulnerability exists in Redis 7.4.3 and earlier versions, which stems from an improper memory allocation for multiple batch...