CVE-2020-12005

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

EUVD-2021-25388

Malware in sbrugna...

EUVD-2001-0182

Malware in sbrugna...

EUVD-2022-3209

Malicious code in bioql PyPI...

EUVD-2024-0938

Malicious code in bioql PyPI...

EUVD-2022-7493

Malicious code in bioql PyPI...

Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2025-1131)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1131 advisory. The attack vector is a potential Denial of Service DoS. The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet.An attacker can craft a...

RLSA-2025:3634 Low: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

resolv vulnerable to DoS via insufficient DNS domain name length validation

A denial of service vulnerability has been discovered in the resolv gem bundled with Ruby. Details The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed doma...

GHSA-XH69-987W-HRP8 resolv vulnerable to DoS via insufficient DNS domain name length validation

A denial of service vulnerability has been discovered in the resolv gem bundled with Ruby. Details The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed doma...

Amazon Linux 2 : pcs (ALAS-2025-2856)

The version of pcs installed on the remote host is prior to 0.9.169-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2856 advisory. Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and...

CVE-2023-51890

An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume CPU resources via crafted string in the application URL...

CVE-2021-28665

Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service...

AlmaLinux 9 : python3.12 (ALSA-2025:3631)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:3631 advisory. cpython: python: Uncontrolled CPU resource consumption when in http.cookies module CVE-2024-7592 Tenable has extracted the preceding description block directly fro...

Low: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Low: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

ALSA-2025:3631 Low: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

@octokit/request-error has a Regular Expression in index that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

Summary A Regular Expression Denial of Service ReDoS vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long sequence of spaces followed by a newline and "@", an attacker can exploit inefficient regular expression processin...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3 (SUSE-SU-2024:3470-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3470-1 advisory. - CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module...

SUSE-SU-2024:3357-1 Security update for python310

This update for python310 fixes the following issues: - Update to version 3.10.15 - CVE-2024-8088: Fixed denial of service in zipfile. bsc1229704 - CVE-2024-7592: Fixed uncontrolled CPU resource consumption when in http.cookies module. bsc1229596 - CVE-2024-6232: Fixed ReDos via excessive...