Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.11 views

CVE-2026-6409

A Denial of Service DoS vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or deep recursion—can be used to crash the application, impacting service availability...

7.1CVSS5.4AI score0.0036EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in jsoup

jsoup is a Java library for working with HTML. Users of jsoup versions prior to 1.14.2 who parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user-supplied input, an attacker may provide content that causes the parser to become stuck loop indefinitely until...

7.5CVSS6.6AI score0.06873EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.12 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2026-1336)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the...

7.5CVSS5.9AI score0.00626EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.7 views

PT-2026-33338

Name of the Vulnerable Software and Affected Versions Protobuf PHP versions prior to 5.34.0-RC1 Protobuf PHP versions prior to 4.33.6 Description A Denial of Service DoS issue exists during the parsing of untrusted input. Maliciously structured messages, specifically those containing negative...

7.8CVSS5.7AI score0.0036EPSS
Exploits0References20
NVD
NVD
added 2025/12/04 11:15 p.m.8 views

CVE-2025-66564

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits via a call to strings.Split an optionally-provided OID which is untrusted data on periods. Similarly, function api.getContentType splits the Content-Type heade...

7.5CVSS0.00411EPSS
Exploits0References2
OSV
OSV
added 2021/08/18 3:15 p.m.6 views

AZL-36945 CVE-2021-37714 affecting package jsoup 1.11.3-4

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS6.7AI score0.06873EPSS
Exploits0References1
Rows per page
Query Builder