Lucene search
+L

42 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-27678

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00359EPSS
Exploits0References5
OSV
OSV
added 2025/09/11 9:15 a.m.4 views

DEBIAN-CVE-2025-48038

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.4AI score0.00359EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 9:15 a.m.8 views

AZL-67118 CVE-2025-48038 affecting package erlang for versions less than 25.3.2.21-4

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.8AI score0.00359EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 8:14 a.m.7 views

CVE-2025-48041 SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

7.1CVSS5.9AI score0.00359EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2025/09/11 8:13 a.m.3 views

CVE-2025-48038 Unverified File Handles can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.4AI score0.00359EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.6 views

PT-2025-37162

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 28.0.3 Erlang OTP versions 26.2.5.15 through 27.3.4.3 Erlang OTP versions 27.3.4.3 Erlang OTP versions 28.0.3 ssh versions 3.0.1 through 5.3.3 ssh versions 5.1.4.12 ssh versions 5.2.11.3 Description An Allocati...

7.1CVSS6.5AI score0.00402EPSS
Exploits0References63
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.8 views

PT-2025-37163

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 28.0.3 Erlang OTP versions 26.2.5.15 through 27.3.4.3 Erlang OTP versions 27.3.4.3 Erlang OTP versions 28.0.3 ssh versions 3.0.1 through 5.3.3 ssh versions 5.1.4.12 ssh versions 5.2.11.3 Description An Allocati...

9.4CVSS6.5AI score0.00528EPSS
Exploits0References66
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.7 views

Erlang/OTP 安全漏洞

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library catches exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP versions 17.0 through 28.0.3, 27.3.4.3, and 26.2.5.15, which stems from...

6.9CVSS6.3AI score0.00402EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2025/08/13 4:34 a.m.416 views

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433: Erlang/OTP SSH Unauthenticated RCE PoC !CVE-...

10CVSS8.9AI score0.98594EPSS
Exploits36
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-46712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 fo...

3.7CVSS5.5AI score0.0046EPSS
Exploits0References3
OSV
OSV
added 2025/07/11 12:18 p.m.7 views

OESA-2025-1767 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Improper Limitation of a Pathname to a Restricted...

4.8CVSS6.9AI score0.00226EPSS
Exploits0References2
OSV
OSV
added 2025/06/16 11:15 a.m.6 views

AZL-64068 CVE-2025-4748 affecting package erlang for versions less than 25.3.2.21-2

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...

4.8CVSS6.6AI score0.00226EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/09 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-32433

Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an attacker to execute arbitrary commands without valid credentials, potentially leading to unauthenticated remote code execution RCE. By exploiting a flaw in how SSH protocol...

10CVSS7.9AI score0.98594EPSS
Exploits36References1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.11 views

The vulnerability of theOTP library set in the Erlang programming language lies in the lack of control over the data entered by users. This allows attackers to trigger a service failure.

The vulnerability of theOTP library in the Erlang programming language is related to the lack of control over the data entered by users. Exploiting this vulnerability could allow a malicious actor to cause service failures...

6.8CVSS6.5AI score0.0046EPSS
Exploits0References12Affected Software6
OSV
OSV
added 2025/05/08 8:15 p.m.1 views

DEBIAN-CVE-2025-46712

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...

3.7CVSS5.2AI score0.0046EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/04/29 9:15 p.m.105 views

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

Erlang-OTP-SSH-CVE-2025-32433 Exploit Erlang/OTP SSH CVE-202...

10CVSS8.3AI score0.98594EPSS
Exploits36
OSV
OSV
added 2025/04/16 10:15 p.m.3 views

DEBIAN-CVE-2025-32433

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution RCE. By exploiting a flaw in SSH protocol message handling, a malicious actor...

10CVSS9.2AI score0.98594EPSS
Exploits36References1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.4 views

Erlang/OTP 安全漏洞

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library can catch exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP versions prior to OTP-27.3.1, prior to OTP-26.2.5.10, and prior to...

7.5CVSS7.5AI score0.00436EPSS
Exploits0References2
OSV
OSV
added 2025/02/20 7:15 p.m.6 views

AZL-57095 CVE-2025-26618 affecting package erlang for versions less than 25.2-3

Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...

7CVSS5.6AI score0.0046EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/12/11 3:48 a.m.6 views

SUSE CVE-2024-53846

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...

5.5CVSS7AI score0.00251EPSS
Exploits0References3
Rows per page
Query Builder