Lucene search
K

380 matches found

RedhatCVE
RedhatCVE
added 2026/06/30 2:51 p.m.7 views

CVE-2026-13149

A flaw was found in brace-expansion. An attacker can exploit a vulnerability in the expand function by providing a specially crafted string. This string, containing consecutive non-expanding brace groups, can trigger exponential-time complexity, leading to significant CPU consumption and event-lo...

8.7CVSS5.8AI score0.00361EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/30 11:25 a.m.4 views

Inefficient Algorithmic Complexity

Overview org.webjars.npm:brace-expansion is a WebJar for brace-expansion. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity via the expand function. An attacker can cause excessive CPU consumption and block the event loop by supplying a specially crafted strin...

8.7CVSS6.3AI score0.00361EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 10:16 a.m.3 views

DEBIAN-CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...

8.7CVSS5.7AI score0.00361EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.8 views

Amazon Linux 2023 : golang-github-burntsushi-toml, golang-github-burntsushi-toml-devel (ALAS2023-2026-1877)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1877 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6.2AI score0.00939EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.10 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-42504)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-42504 advisory. - Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume...

7.5CVSS5.6AI score0.0056EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 3:27 p.m.8 views

GHSA-W342-MJ6G-V9C4 Klever-Go KVM: Hash-array amplification in P2P resolver request handling

Summary A connected peer can send a compressed RequestDataTypeHashArrayType direct request that is only 442 bytes on the wire but expands into 200000 decoded hash entries inside the resolver path. On klever-go v1.7.17, this allows remote memory and CPU amplification against nodes that accept P2P...

7.5CVSS5.5AI score0.0005EPSS
Exploits0References3
OSV
OSV
added 2026/06/02 9:39 p.m.21 views

GO-2026-5038 Quadratic complexity in WordDecoder.DecodeHeader in mime

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

7.5CVSS5.8AI score0.0056EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Qemu

An infinite loop flaw was discovered in the e1000 NIC emulator of QEMU. This issue occurs when processing transmit tx descriptors in processtxdesc, especially if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in...

6.5CVSS6.3AI score0.00358EPSS
Exploits0References2
Veracode
Veracode
added 2026/05/16 5:25 a.m.17 views

Denial Of Service (DoS)

Mattermost is vulnerable to Denial of Service DoS. The vulnerability is due to improper handling of excessively long passwords during authentication, which allows an attacker to consume excessive CPU and memory resources by submitting login attempts with multi-megabyte passwords...

7.5CVSS5.2AI score0.00263EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.3 views

SUSE SLES15 Security Update : bind (SUSE-SU-2026:1428-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1428-1 advisory. - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Tenable has extracted the...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/04/17 10:0 a.m.3 views

Security update for bind

This update for bind fixes the following issues: CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.7CVSS7.4AI score0.01545EPSS
Exploits0References4
OSV
OSV
added 2026/04/17 10:0 a.m.4 views

SUSE-SU-2026:1428-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805...

7.5CVSS7.5AI score0.01545EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.10 views

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2026:1366-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1366-1 advisory. - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805...

7.5CVSS7.3AI score0.01545EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/04/15 2:33 p.m.2 views

Security update for bind

This update for bind fixes the following issues: CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.7CVSS7.4AI score0.01545EPSS
Exploits0References4
OSV
OSV
added 2026/04/15 2:33 p.m.4 views

SUSE-SU-2026:1366-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References3
OSV
OSV
added 2026/04/14 10:46 a.m.5 views

SUSE-SU-2026:1312-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.4 views

SUSE SLES15 Security Update : bind (SUSE-SU-2026:1230-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1230-1 advisory. - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Tenable has extracted the...

7.5CVSS5.9AI score0.01545EPSS
Exploits0References4
OSV
OSV
added 2026/04/09 8:58 a.m.3 views

SUSE-SU-2026:1229-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805...

7.5CVSS7.3AI score0.01545EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/03/29 8:1 a.m.5 views

Excessive NSEC3 iterations cause high CPU load during insecure delegation validation

...

7.5CVSS5.8AI score0.01545EPSS
Exploits0
CVE
CVE
added 2026/03/25 1:25 p.m.65 views

CVE-2026-1519

Impact: BIND 9 DNSSEC resolvers may consume excessive CPU when validating DNSSEC in a malicious zone. Affected product: BIND 9 series (versions 9.11.0–9.16.50, 9.18.0–9.18.46, 9.20.0–9.20.20, 9.21.0–9.21.19, plus 9.11.3-S1–9.16.50-S1, 9.18.11-S1–9.18.46-S1, and 9.20.9-S1–9.20.20-S1). Root cause: ...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References28Affected Software1
Rows per page
Query Builder