Lucene search
+L

217 matches found

Tenable Nessus
Tenable Nessus
added 2025/04/08 12:0 a.m.15 views

AlmaLinux 9 : python3.12 (ALSA-2025:3631)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:3631 advisory. cpython: python: Uncontrolled CPU resource consumption when in http.cookies module CVE-2024-7592 Tenable has extracted the preceding description block directly fro...

7.5CVSS6.7AI score0.02303EPSS
Exploits1References3
AlmaLinux
AlmaLinux
added 2025/04/07 12:0 a.m.10 views

Low: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.2AI score0.02303EPSS
Exploits1References3
AlmaLinux
AlmaLinux
added 2025/04/07 12:0 a.m.13 views

Low: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.2AI score0.02303EPSS
Exploits1References3
OSV
OSV
added 2025/04/07 12:0 a.m.25 views

ALSA-2025:3631 Low: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.6AI score0.02303EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/03/06 1:20 a.m.20 views

CVE-2025-1695

In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...

6.9CVSS7.1AI score0.00552EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2024-7592

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashe...

7.5CVSS6.7AI score0.02303EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/03/04 12:54 a.m.12 views

CVE-2025-1695 NGINX Unit Java Vulnerability

In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...

6.9CVSS5.2AI score0.00552EPSS
Exploits0References1
CNVD
CNVD
added 2025/03/04 12:0 a.m.6 views

IBM EntireX Denial of Service Vulnerability

IBM EntireX is a cross-platform middleware developed by IBM for high-performance data communication and transaction processing between heterogeneous systems. A denial of service vulnerability exists in IBM EntireX regular expressions, which is caused by a complexity flaw in the regular expression...

5.5CVSS6.5AI score0.00133EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2018-20030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An error when processing the EXIFIFDINTEROPERABILITY and EXIFIFDEXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources...

7.8CVSS6.2AI score0.03798EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2025/03/03 3:1 p.m.33 views

K000149959: NGINX Unit vulnerability CVE-2025-1695

Security Advisory Description When NGINX Unit with the Java Language Module is in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. CVE-2025-1695 Impact System performance can degrade due to high CPU utilization. This vulnerability allows a...

6.9CVSS6.6AI score0.00552EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/02/26 12:0 a.m.16 views

Amazon Linux 2 : python3 (ALAS-2025-2754)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2754 advisory. The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 ...

7.5CVSS6.9AI score0.02303EPSS
Exploits1References8
Amazon
Amazon
added 2025/02/25 12:0 a.m.32 views

Medium: python3

Issue Overview: The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser. CVE-2024-11168 There ...

7.5CVSS7.1AI score0.02303EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/02/19 12:0 a.m.13 views

Wireshark 4.2.x < 4.2.11 / 4.4.x < 4.4.4 DoS Vulnerability

The version of Wireshark installed on the remote Windows host is prior to 4.2.11 or 4.4.4. It is, therefore, affected by a vulnerability as referenced in the wireshark-4.2.11 advisory. - The Bundle Protocol and CBOR dissectors could crash. Fixed in master: 83c73a83ad Fixed in release-4.4:...

7.8CVSS6.1AI score0.0028EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/02/14 5:58 p.m.150 views

@octokit/request-error has a Regular Expression in index that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

Summary A Regular Expression Denial of Service ReDoS vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long sequence of spaces followed by a newline and "@", an attacker can exploit inefficient regular expression processin...

5.3CVSS7.1AI score0.00605EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.13 views

EulerOS 2.0 SP11 : dhcp (EulerOS-SA-2025-1133)

According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded...

7.5CVSS7.9AI score0.02114EPSS
Exploits0References3
NVD
NVD
added 2025/02/05 6:15 p.m.16 views

CVE-2025-24312

When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are...

8.7CVSS0.00386EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/05 5:31 p.m.10 views

CVE-2025-24312 BIG-IP AFM vulnerability

When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are...

8.7CVSS7.8AI score0.00386EPSS
Exploits0References1
CVE
CVE
added 2025/02/05 5:31 p.m.62 views

CVE-2025-24312

CVE-2025-24312 affects BIG-IP AFM. When IPS is enabled and a protocol inspection profile is configured on a virtual server or policy, undisclosed traffic can cause CPU resource utilization, potentially leading to DoS. Affected fixes are provided in: BIG-IP AFM 17.1.0–17.1.1 (fix 17.1.2); BIG-IP A...

8.7CVSS7.6AI score0.00386EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/02/05 5:30 p.m.92 views

CVE-2025-21087

CVE-2025-21087 affects F5 BIG-IP TMM: when Client/Server SSL profiles are configured on a virtual server or DNSSEC signing is used, undisclosed traffic can cause increased memory and CPU usage, potentially degrading performance or causing DoS. According to the F5 advisory, vulnerable ranges inclu...

8.9CVSS7.5AI score0.00393EPSS
Exploits0References1Affected Software21
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.14 views

EulerOS 2.0 SP9 : dhcp (EulerOS-SA-2025-1036)

According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded...

7.5CVSS7.9AI score0.02114EPSS
Exploits0References3
Rows per page
Query Builder