Linux Distros Unpatched Vulnerability : CVE-2019-9192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\1\1' in grep, ...

PT-2025-34665 · Run Llama · Llama Index

Name of the Vulnerable Software and Affected Versions: run-llama/llama index versions prior to 0.12.38 Description: A denial of service issue exists in the JSONReader component. The issue is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting i...

Linux Distros Unpatched Vulnerability : CVE-2022-28201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite...

OESA-2025-2074 poppler security update

is a PDF rendering library. Security Fixes: A vulnerability classified as problematic has been found in Freedesktop Poppler 25.04.0 Document Reader Software.CWE is classifying the issue as CWE-674. The product does not properly control the amount of recursion that takes place, consuming excessive...

OESA-2025-2061 apache-commons-lang security update

The standard Java libraries fail to provide enough methods for manipulation of its core classes. Apache Commons Lang provides these extra methods. Security Fixes: A vulnerability classified as problematic has been found in Apache Commons Lang up to 2.6/3.17.x.CWE is classifying the issue as...

Linux Distros Unpatched Vulnerability : CVE-2025-8732

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the...

Linux Distros Unpatched Vulnerability : CVE-2019-6131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svgrunusesymbol, svgrunelement, and svgrunuse, as demonstrated by mutool...

Linux Distros Unpatched Vulnerability : CVE-2025-46206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the mutool clean utility. When...

TencentOS Server 4: protobuf (TSSA-2025:0539)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0539 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Linux Distros Unpatched Vulnerability : CVE-2025-50420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can...

Linux Distros Unpatched Vulnerability : CVE-2025-53605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields ...

SUSE CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

UBUNTU-CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CVE-2025-38614

The CVE-2025-38614 entry describes a Linux kernel vulnerability in eventpoll where recursion depth in ep_loop_check_proc() could form deep trees and trigger semi-unbounded recursion. The root cause involved two shortcomings: (1) the depth checks did not consider upward paths, and (2) multiple dow...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an improperly limited recursion depth that could lead to resource exhaustion...

PT-2025-33812

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the eventpoll subsystem that could allow for semi-unbounded recursion. The issue stems from insufficient depth checks when creating graph edges...

Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Java and Node.js (CVE-2025-48924, CVE-2025-4949)

Summary There are multiple vulnerabilities in Java and Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

Amazon Linux 2023 : apache-commons-lang3 (ALAS2023-2025-1150)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1150 advisory. Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0...