CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Snyk•added 2026/01/15 12:0 a.m.•1 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the xmlCatalogXMLResolveURI function when processing XML catalogs containing self-referencing delegate URI entries. An attacker can cause affected applications to crash by supplying a specially crafted XML...

8.2CVSS5.8AI score0.00088EPSS

RedHat Linux•added 2026/01/13 4:29 p.m.•1 views

github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation

A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service DoS via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic an...

7.5CVSS5.8AI score0.0004EPSS

Exploits0References6

RedHat Linux•added 2026/01/13 4:29 p.m.•5 views

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS7.2AI score0.0004EPSS

Tenable Nessus•added 2026/01/13 12:0 a.m.•3 views

RHEL 10 : opentelemetry-collector (RHSA-2026:0514)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:0514 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: github.com/expr-lang/expr: Expr: Denial of Service via...

7.5CVSS7.6AI score0.0004EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 9:21 a.m.•8 views

CVE-2018-4002

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack,...

7.8CVSS7AI score0.01578EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:42 a.m.•5 views

CVE-2022-31173

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

7.5CVSS6.7AI score0.00615EPSS

Exploits1References1

IBM Security Bulletins•added 2026/01/06 12:17 a.m.•4 views

Security Bulletin: IBM Event Processing is affected by multiple Vulnerabilities in IBM Operator for Apache Flink

Summary IBM Event Processing is affected by multiple Vulnerabilities in IBM Operator for Apache Flink 1.4.5 Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers...

7.5CVSS6AI score0.00099EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/12/31 3:31 p.m.•5 views

Security Bulletin: IBM Event Streams is vulnerable to Uncontrolled Recursion vulnerability (CVE-2025-48924)

Summary IBM Event Streams is vulnerable to Uncontrolled Recursion vulnerability due to the use of the Apache Commons Lang artifact. This artifact primarily used for utility functions such as string manipulation, object comparison, and handling common operations that simplify Java development...

5.3CVSS6.6AI score0.00099EPSS

Exploits0Affected Software1

Uncontrolled Recursion

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Uncontrolled Recursion

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Uncontrolled Recursion

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.2CVSS7AI score0.00008EPSS

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the DrawPrimitive function in the draw.c file. An attacker can cause a stack overflow and application crash by providing MVG files containing circular references. Remediation A fix was pushed into the master...

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...