Lucene search
+L

165 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in zlib

Zlib before version 1.3.2 allowed CPU consumption through crc32combine64 and crc32combinegen64, because x2nmodp could perform right shifts within a loop without a termination condition...

5.5CVSS6.2AI score0.00204EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.12.0 : zlib (EulerOS-SA-2026-2117)

According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop th...

5.5CVSS5.5AI score0.00204EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.10 views

CVE-2026-4078

The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice in all versions up to and including 1.8.2. This is due to insufficient input sanitization and output escaping in the...

6.4CVSS5.5AI score0.00257EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/22 2:7 a.m.15 views

Security Bulletin: IBM i is Affected by an Improper Validation Vulnerability in zlib [CVE-2026-27171]

Summary Zlib for IBM i is vulnerable to increased CPU consumption when using functions crc32combine64 and crc32combine64gen64 CVE-2026-27171 as described in the vulnerability details section. Vulnerability Details CVEID:CVE-2026-27171 DESCRIPTION: zlib before 1.3.2 allows CPU consumption via...

5.5CVSS5.8AI score0.00204EPSS
Exploits1Affected Software5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed NULL dereferencing in debugfs odmcombinesegments When a connector is connected but inactive e.g., disabled by desktop environments, pipectx-streamres.tg will be destroyed. Then, reading odmcombinesegments...

6.1AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2026/05/07 5:36 p.m.9 views

JLSEC-2026-480 zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because...

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

5.5CVSS5.8AI score0.00204EPSS
Exploits1References9
Amazon
Amazon
added 2026/04/30 12:0 a.m.9 views

Low: nodejs22

Issue Overview: A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to excessive CPU consumption, which can result in a Denial of Service DoS for the...

5.5CVSS5.2AI score0.00204EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.11 views

Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2026-1608)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1608 advisory. A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to...

5.5CVSS5.8AI score0.00204EPSS
Exploits1References4
Amazon
Amazon
added 2026/04/30 12:0 a.m.6 views

Low: nodejs20

Issue Overview: A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to excessive CPU consumption, which can result in a Denial of Service DoS for the...

5.5CVSS5.3AI score0.00204EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/04/24 7:45 a.m.5 views

CVE-2026-4078

The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice in all versions up to and including 1.8.2. This is due to insufficient input sanitization and output escaping in the...

6.4CVSS5.2AI score0.00257EPSS
Exploits0References15
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.10 views

WordPress plugin ITERAS 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.8AI score0.00257EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.13 views

PT-2026-34866

The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice in all versions up to and including 1.8.2. This is due to insufficient input sanitization and output escaping in the combin...

6.4CVSS5.7AI score0.00257EPSS
Exploits0References16
OSV
OSV
added 2026/04/13 1:20 p.m.7 views

JLSEC-2026-83

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc...

4.3CVSS5.8AI score0.00632EPSS
Exploits1References4
OSV
OSV
added 2026/04/13 1:20 p.m.7 views

JLSEC-2026-86 Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the...

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check...

7.1CVSS5.8AI score0.00234EPSS
Exploits1References5
OSV
OSV
added 2026/04/09 11:18 a.m.7 views

SUSE-SU-2026:21013-1 Security update for zlib

This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32combine64 and crc32combinegen64 functions due to missing checks for negative lengths. bsc1258392 - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in...

9.8CVSS7AI score0.03179EPSS
Exploits1References5
Mageia
Mageia
added 2026/03/31 11:5 p.m.12 views

Updated zlib packages fix security vulnerability

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition. CVE-2026-27171...

5.5CVSS5.8AI score0.00204EPSS
Exploits1References4
Rosalinux
Rosalinux
added 2026/03/22 9:32 p.m.17 views

Advisory ROSA-SA-2026-3250

software: zlib 1.2.13 OS: ROSA-CHROME unaffected versions = zlib-1.2.13-2 affected versions zlib-1.2.13-2 CVE-ID: CVE-2026-27171 BDU-ID: None CVE-Crit: LOW CVE-DESC.: In zlib before 1.3.2, excessive CPU consumption DoS via crc32combine64 and crc32combinegen64 functions is possible: the x2nmodp...

5.5CVSS5.7AI score0.00204EPSS
Exploits1
OSV
OSV
added 2026/03/15 5:55 a.m.4 views

OESA-2026-1586 zlib security update

Security Fixes: zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition.CVE-2026-27171...

5.5CVSS5.8AI score0.00204EPSS
Exploits1References2
OSV
OSV
added 2026/03/15 5:55 a.m.3 views

OESA-2026-1585 zlib security update

Security Fixes: zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition.CVE-2026-27171...

5.5CVSS5.8AI score0.00204EPSS
Exploits1References2
OSV
OSV
added 2026/03/15 5:55 a.m.4 views

OESA-2026-1583 zlib security update

Security Fixes: zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition.CVE-2026-27171...

5.5CVSS5.8AI score0.00204EPSS
Exploits1References2
Rows per page
Query Builder