Lucene search
+L

24 matches found

cvelist
cvelist
added 2026/05/11 6:6 p.m.40 views

CVE-2026-7790 Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS

Uncontrolled Resource Consumption vulnerability in ninenines cowlib cowhttpte module allows Excessive Allocation. The chunked transfer-encoding parser in cowhttpte accepts an unbounded number of hex digits in the chunk-size field. Each digit causes a bignum multiplication Len 16 + digit, so parsi...

8.7CVSS0.00431EPSS
Exploits0References3
cvelist
cvelist
added 2026/03/30 9:42 p.m.30 views

CVE-2026-33983 FreeRDP: Progressive Codec Quant BYTE Underflow - UB + CPU DoS

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressivedecompresstileupgrade detects a mismatch via progressiverfxquantcmpequal but only emits WLogWARN, execution continues. The wrapped value 247 is used as a shift exponent, causing undefined behavior...

6.5CVSS0.00426EPSS
Exploits0References2
nessus
nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : python38:3.8 and python38-devel:3.8 (AXSA:2023-5975:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5975:01 advisory. python: int type in PyLongFromString does not limit amount of digits converting text to int leading to DoS CVE-2020-10735 python: open redirection...

7.5CVSS7.5AI score0.03502EPSS
Exploits1References4
rocky
rocky
added 2025/12/18 9:4 a.m.6 views

python39:3.9 and python39-devel:3.9 security update

An update is available for module.python-psutil, python-packaging, module.Cython, module.python-iniconfig, module.python-wcwidth, module.python-ply, python-psutil, python-chardet, module.python-pluggy, python-lxml, python-pysocks, python-wcwidth, python-pluggy, module.python-attrs, Cython,...

7.5CVSS6.6AI score0.03502EPSS
Exploits1
nessus
nessus
added 2025/11/20 12:0 a.m.7 views

TencentOS Server 3: python38 and python38-devel (TSSA-2023:0112)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0112 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS6.9AI score0.03502EPSS
Exploits1References4
nessus
nessus
added 2024/06/03 12:0 a.m.12 views

RHEL 6 : ocaml-xml-light (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ocaml-xml-light: hash table collisions CPU usage DoS CVE-2012-3514 Note that Nessus has not tested for this issue b...

5CVSS6.6AI score0.01497EPSS
Exploits0References1
nessus
nessus
added 2024/06/03 12:0 a.m.14 views

RHEL 4 : apr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - apr: hash table collisions CPU usage DoS CVE-2012-0840 Note that Nessus has not tested for this issue but has inste...

5CVSS7.3AI score0.43346EPSS
Exploits0References1
cve
cve
added 2023/10/12 11:2 p.m.59 views

CVE-2023-44184

The CVE-2023-44184 issue affects Juniper Networks Junos OS and Junos OS Evolved in the mgd (management daemon) component. A memory-buffer bound check violation allows a network-based, authenticated, low-privileged attacker to execute a specific NETCONF command that can cause CPU denial of service...

6.5CVSS6.5AI score0.00502EPSS
Exploits0References1Affected Software2
vulnrichment
vulnrichment
added 2023/10/12 11:2 p.m.12 views

CVE-2023-44184 Junos OS and Junos OS Evolved: High CPU load due to specific NETCONF command

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon mgd process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU...

6.5CVSS6.8AI score0.00502EPSS
Exploits0References1
nvd
nvd
added 2022/12/07 8:15 p.m.31 views

CVE-2022-46770

qubes-mirage-firewall aka Mirage firewall for QubesOS 0.8.x through 0.8.3 allows guest OS users to cause a denial of service CPU consumption and loss of forwarding via a crafted multicast UDP packet IP address range of 224.0.0.0 through 239.255.255.255...

7.5CVSS0.21478EPSS
Exploits6References2
prion
prion
added 2022/01/14 8:15 p.m.26 views

Design/Logic Flaw

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service DoS by consuming excessive CPU and memory resources...

4.3CVSS5.5AI score0.00779EPSS
Exploits1References1Affected Software1
cve
cve
added 2021/03/22 11:40 p.m.496 views

CVE-2021-21341

CVE-2021-21341 affects the XStream Java library (unmarshalling) prior to 1.4.16. The vulnerability enables a remote attacker to cause a denial-of-service by consuming 100% CPU time via manipulated input streams. Impact is described as CPU denial of service; no user impact if the recommended Secur...

7.5CVSS8.5AI score0.77801EPSS
Exploits1References15Affected Software1
debiancve
debiancve
added 2020/08/24 5:6 p.m.32 views

CVE-2020-24606

Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cachepeer is used with the cache digests feature. The problem exists because...

8.6CVSS7.1AI score0.05162EPSS
Exploits0
github
github
added 2020/02/04 3:7 a.m.73 views

Catastrophic backtracking in regex allows Denial of Service in Waitress

Impact When waitress receives a header that contains invalid characters it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This would allow an attacker to send a single request with an invalid...

6.8CVSS1.1AI score0.0262EPSS
Exploits0References5Affected Software1
nessus
nessus
added 2019/05/28 12:0 a.m.32 views

openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2019-1444)

This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues : Security issues fixed : - CVE-2019-5736: containerd: Fixing container breakout vulnerability bsc1121967. - CVE-2019-6486: go security release, fixing crypto/elliptic C...

9.3CVSS7.1AI score0.9857EPSS
Exploits33References16
opensuse
opensuse
added 2019/05/27 12:0 a.m.220 views

Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (important)

openSUSE Security Update: Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork Announcement ID: openSUSE-SU-2019:1444-1 Rating: important References: 1114209 1114832 1118897 1118898 1118899 1121397 1121967 1123013 1128376 1128746 1134068...

9.3CVSS8.3AI score0.9857EPSS
Exploits33References11
openvas
openvas
added 2019/03/07 12:0 a.m.32 views

openSUSE: Security Advisory for containerd (openSUSE-SU-2019:0295-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.7AI score0.9857EPSS
Exploits33References2
altlinux
altlinux
added 2019/01/24 12:0 a.m.71 views

Security fix for the ALT Linux 10 package golang version 1.11.5-alt1

Jan. 24, 2019 Alexey Shabalin 1.11.5-alt1 - 1.11.5 - fixed CPU DoS vulnerability affecting P-521 and P-384 Fixes: CVE-2019-6486 - add ppc64le to goarches...

6.4CVSS6.8AI score0.04326EPSS
Exploits0
alpinelinux
alpinelinux
added 2018/08/20 7:0 p.m.38 views

CVE-2018-1000654

GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in asn1expandobjectidptree, after a long time, the program will be killed. This attack appears to be exploitable via...

7.1CVSS5.6AI score0.02008EPSS
Exploits1
redhat
redhat
added 2013/02/08 7:6 p.m.6 views

OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous...

5CVSS6.8AI score0.05532EPSS
Exploits1References5
Rows per page
Query Builder