Lucene search
K

270 matches found

OSV
OSV
added 2026/02/25 12:0 a.m.3 views

ALSA-2026:3354 Important: python-pyasn1 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS6AI score0.00679EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005365 advisory. In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that...

7.5CVSS5.5AI score0.04128EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/22 12:0 a.m.3 views

Fedora 42 : python-pyasn1 (2026-ddafe1357a)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ddafe1357a advisory. Update for python-pyasn1-0.6.2-1.fc42. Changelog Thu Feb 05 2026 Simon Pichugin - 0.6.2-1 - Update to 0.6.2 - Fixed continuation octet limits in...

7.5CVSS5.5AI score0.00679EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/20 1:34 a.m.3 views

CVE-2026-27016 LibreNMS has Stored XSS in Custom OID - unit parameter missing strip_tags()

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 24.10.0 through 26.1.1 are vulnerable to Stored XSS via the unit parameter in Custom OID. The Custom OID functionality lacks striptags sanitization while other fields name, oid, datatype are sanitized. The...

5.4CVSS5.4AI score0.00227EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.12 views

PT-2026-20793

Name of the Vulnerable Software and Affected Versions LibreNMS versions 24.10.0 through 26.1.1 Description LibreNMS, an auto-discovering PHP/MySQL/SNMP based network monitoring tool, has an issue where the unit parameter in the Custom OID functionality is not properly sanitized. Specifically, it...

5.4CVSS5.3AI score0.00227EPSS
Exploits0References7
OSV
OSV
added 2026/02/16 2:23 p.m.3 views

SUSE-SU-2026:20447-1 Security update for python-pyasn1

This update for python-pyasn1 fixes the following issues: - CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service bsc1256902...

7.5CVSS5.8AI score0.00679EPSS
Exploits0References3
OSV
OSV
added 2026/02/11 8:43 a.m.2 views

SUSE-SU-2026:0430-1 Security update for python-pyasn1

This update for python-pyasn1 fixes the following issues: - CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service bsc1256902...

7.5CVSS5.8AI score0.00679EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.4 views

RHEL 8 : resource-agents (RHSA-2026:2460)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2460 advisory. The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several service...

7.5CVSS5.8AI score0.00679EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/02/09 10:27 a.m.8 views

pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID

A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...

7.5CVSS5.7AI score0.00679EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/02/09 10:26 a.m.5 views

pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID

A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...

7.5CVSS5.7AI score0.00679EPSS
Exploits0References7
Rockylinux
Rockylinux
added 2026/02/06 9:8 a.m.14 views

fence-agents security update

An update is available for fence-agents. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling...

7.5CVSS5.5AI score0.00679EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/04 3:13 p.m.3 views

Important: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS7.3AI score0.00679EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2026/02/04 12:0 a.m.6 views

Important: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: pyasn1: pyasn1: Denial of Service due to memory exhaustion from malform...

7.5CVSS5.7AI score0.00679EPSS
Exploits0References4
OSV
OSV
added 2026/01/31 11:38 a.m.5 views

CVE-2025-71184 btrfs: fix NULL dereference on root when tracing inode eviction

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfsevictinode the root might be NULL, as...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References7
Debian
Debian
added 2026/01/28 9:44 p.m.11 views

[SECURITY] [DSA 6114-1] pyasn1 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6114-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 28, 2026 https://www.debian.org/security/faq -...

7.5CVSS5.8AI score0.00679EPSS
Exploits0
OSV
OSV
added 2026/01/27 6:46 a.m.2 views

SUSE-SU-2026:0300-1 Security update for python-pyasn1

This update for python-pyasn1 fixes the following issues: - CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service bsc1256902...

7.5CVSS5.9AI score0.00679EPSS
Exploits0References3
Snyk
Snyk
added 2026/01/16 7:53 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the valueDecoder function in decoder.py. An attacker can cause memory exhaustion by submitting a malformed RELATIVE-OID containing excessive continuation octets. PoC python import...

8.7CVSS5.6AI score0.00679EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/01/16 7:19 p.m.12 views

pyasn1 has a DoS vulnerability in decoder

Summary After reviewing pyasn1 v0.6.1 a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. Details The integer issue can be found in the decoder as reloid += subId 7 + nextSubId,:...

7.5CVSS6.9AI score0.00679EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2026/01/16 7:16 p.m.10 views

CVE-2026-23490

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2...

7.5CVSS0.00679EPSS
Exploits0References55
OSV
OSV
added 2026/01/16 7:16 p.m.4 views

UBUNTU-CVE-2026-23490

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2...

7.5CVSS7.2AI score0.00679EPSS
Exploits0References6
Rows per page
Query Builder