Lucene search
K

20577 matches found

OSV
OSV
added 2026/05/30 11:6 p.m.10 views

SUSE-SU-2026:2148-1 Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.283 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

7.8CVSS6AI score0.03663EPSS
Exploits17References9
CloudLinux
CloudLinux
added 2026/05/30 10:23 a.m.20 views

bind: Fix of CVE-2026-1519

CVE-2026-1519: Limit NSEC3 iterations when validating referrals to unsigned delegations to avoid excessive CPU consumption...

7.5CVSS5.4AI score0.01545EPSS
Exploits0
OSV
OSV
added 2026/05/29 11:44 p.m.6 views

SUSE-SU-2026:2134-1 Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.5 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

7.8CVSS6.4AI score0.03663EPSS
Exploits17References13
Snyk
Snyk
added 2026/05/29 9:14 p.m.8 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop through the Avro Decoder process. An attacker can exhaust CPU resources by providing a specially crafted payload with a large block-count value, causing the decoder to perform excessive iterations before propagating an...

8.7CVSS5.8AI score0.00378EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/29 9:14 p.m.9 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop through the Avro Decoder process. An attacker can exhaust CPU resources by providing a specially crafted payload with a large block-count value, causing the decoder to perform excessive iterations before propagating an...

8.7CVSS5.8AI score0.00378EPSS
Exploits0References2
OSV
OSV
added 2026/05/29 9:6 p.m.5 views

SUSE-SU-2026:2131-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.34 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

7.8CVSS6.1AI score0.03663EPSS
Exploits17References11
OSV
OSV
added 2026/05/29 8:2 p.m.12 views

GHSA-92VJ-HP7M-GWCJ Nerdbank.MessagePack has Inefficient CPU Computation

Impact Applications that call OptionalConverters.WithExpandoObjectConverter and deserialize untrusted data are open to a vulnerability by which an attacker can exploit a On² algorithm to burn an inordinate amount of CPU effort by adding a great many properties to an ExpandoObject, whose Add metho...

5.3CVSS5.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/29 8:2 p.m.22 views

Nerdbank.MessagePack has Inefficient CPU Computation

Impact Applications that call OptionalConverters.WithExpandoObjectConverter and deserialize untrusted data are open to a vulnerability by which an attacker can exploit a On² algorithm to burn an inordinate amount of CPU effort by adding a great many properties to an ExpandoObject, whose Add metho...

5.8AI score
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/29 7:58 p.m.34 views

CVE-2026-46385 iskorotkov/avro: CPU Exhaustion in Avro Decoder

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeader returns the count as a Go int, which is 64-bit on amd64 ...

8.7CVSS0.00378EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 7:58 p.m.20 views

CVE-2026-46385 iskorotkov/avro: CPU Exhaustion in Avro Decoder

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeader returns the count as a Go int, which is 64-bit on amd64 ...

8.7CVSS5.8AI score0.00378EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2026/05/29 6:0 p.m.15 views

stunnel bug fix update

An update is available for stunnel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Stunnel is a wrapper for network connections. It can be used to tunnel an...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/29 12:22 p.m.14 views

CVE-2026-32936

A flaw was found in CoreDNS, a DNS server that chains plugins. A remote, unauthenticated attacker can exploit this vulnerability by repeatedly sending oversized DNS-over-HTTPS DoH GET requests. The GET path, unlike the POST path, lacks size validation before processing large dns= query parameter...

8.7CVSS5.6AI score0.00672EPSS
Exploits1References5
OSV
OSV
added 2026/05/29 5:12 a.m.15 views

MGASA-2026-0158 Updated perl-IO-Compress package fixes security vulnerabilities

The updated package fixes security vulnerabilities: IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. CVE-2025-15649 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in...

7.8CVSS6AI score0.00373EPSS
Exploits2References6
SUSE CVE
SUSE CVE
added 2026/05/29 1:21 a.m.18 views

SUSE CVE-2026-34043

Serialize JavaScript to a superset of JSON that includes regular expressions and functions. Prior to version 7.0.5, there is a Denial of Service DoS vulnerability caused by CPU exhaustion. When serializing a specially crafted "array-like" object an object that inherits from Array.prototype but ha...

7.5CVSS5.7AI score0.00472EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/29 1:20 a.m.16 views

SUSE CVE-2026-45078

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.27 views

SUSE CVE-2026-46147

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix pin leak and publication ordering in pkvminitvcpu Two bugs exist in the vCPU initialisation path: 1. If a check fails after hyppinsharedmem succeeds, the cleanup path jumps to 'unlock' without calling unpinhostvcp...

4.7CVSS5.8AI score0.00126EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.8 views

PT-2026-47560

Impact Applications that call OptionalConverters.WithExpandoObjectConverter and deserialize untrusted data are open to a vulnerability by which an attacker can exploit a On² algorithm to burn an inordinate amount of CPU effort by adding a great many properties to an ExpandoObject, whose Add metho...

5.3CVSS5.5AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

SUSE SLES15 Security Update : xen (SUSE-SU-2026:2102-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2102-1 advisory. This update for xen fixes the following issues - CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053...

7.8CVSS5.9AI score0.00258EPSS
Exploits0References13
Packet Storm
Packet Storm
added 2026/05/29 12:0 a.m.65 views

📄 ImageMagick 7.x Denial of Service

ImageMagick versions 7.x suffer from an infinite loop issue in the MIFF decoder that can lead to CPU exhaustion. Exploit Title: ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion Google Dork: N/A Date: 2026-05-13 Exploit Author: Jose Rivas bl4cksku11 & Zero Trust Offsec...

5.8AI score0.01849EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46174

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instructi...

8.8CVSS6AI score0.00129EPSS
Exploits0References3
Rows per page
Query Builder