Lucene search
+L

235 matches found

Positive Technologies
Positive Technologies
added 2025/08/04 12:0 a.m.5 views

PT-2025-32166 · Nvidia · Nvidia Triton Inference Server

Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server for Windows and Linux affected versions not specified Description: NVIDIA Triton Inference Server is susceptible to an integer overflow triggered by specially crafted inputs. Successful exploitation of this issu...

9.1CVSS7.2AI score0.00503EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2025/08/01 3:14 p.m.3 views

Security update for python310

This update for python310 fixes the following issues: CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

6.9CVSS6.7AI score0.00473EPSS
Exploits0References4
OSV
OSV
added 2025/08/01 3:14 p.m.4 views

SUSE-SU-2025:02597-1 Security update for python310

This update for python310 fixes the following issues: - CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705...

4.3CVSS6.3AI score0.00473EPSS
Exploits0References3
NVD
NVD
added 2025/07/31 8:15 p.m.5 views

CVE-2025-50572

Archer 6.11.00204.10014 allows attackers to execute arbitrary code via crafted system inputs that would be exported into the CSV and be executed after the user opened the file with compatible applications. NOTE: the Supplier does not accept this as a valid vulnerability report against their produ...

8.8CVSS0.0038EPSS
Exploits0References2
Snyk
Snyk
added 2025/07/13 10:2 p.m.1 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via improper bounds checking in the process of binary file handling. An attacker can cause memory corruption or potentially execute arbitrary code by providing crafted input files. Remediation A fix was pushed into t...

7.8CVSS7.9AI score0.00172EPSS
Exploits0References3
OSV
OSV
added 2025/06/17 2:15 p.m.1 views

DEBIAN-CVE-2025-6069

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

4.3CVSS5.7AI score0.00473EPSS
Exploits0References1
OSV
OSV
added 2025/06/17 2:15 p.m.4 views

UBUNTU-CVE-2025-6069

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

4.3CVSS6.3AI score0.00473EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/06/17 1:39 p.m.5 views

CVE-2025-6069

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

4.3CVSS6AI score0.00473EPSS
Exploits0References11Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.6 views

PT-2025-25656

Name of the Vulnerable Software and Affected Versions html.parser.HTMLParser affected versions not specified Description The issue concerns the html.parser.HTMLParser class, which has worse-case quadratic complexity when processing certain crafted malformed inputs. This could potentially lead to...

9.4CVSS6.8AI score0.02303EPSS
Exploits16References185
Snyk
Snyk
added 2025/05/28 5:50 p.m.3 views

Regular Expression Denial of Service (ReDoS)

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in multiple locations in the code. An attacker can cause a denial of service by supplying specially craft...

6.9CVSS6.8AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:43 p.m.8 views

CVE-2021-40896

A Regular Expression Denial of Service ReDOS vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails...

7.5CVSS6.9AI score0.01002EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:30 p.m.12 views

CVE-2021-29571

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

7.8CVSS7.3AI score0.0024EPSS
Exploits1References1
OSV
OSV
added 2025/05/19 2:15 a.m.5 views

AZL-61919 CVE-2025-23166 affecting package nodejs for versions less than 20.14.0-9

The C++ method SignTraits::DeriveBits may incorrectly call ThrowException based on user-supplied inputs when executing in a background thread, crashing the Node.js process. Such cryptographic operations are commonly applied to untrusted inputs. Thus, this mechanism potentially allows an adversary...

7.5CVSS7.2AI score0.00763EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/13 1:59 p.m.12 views

php: Reference counting in php_request_shutdown causes Use-After-Free

A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...

9.2CVSS6.4AI score0.01407EPSS
Exploits1References5
Snyk
Snyk
added 2025/04/30 12:24 a.m.3 views

Inefficient Algorithmic Complexity

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the inputprocessorforphi4mm function. An attacker can cause the application to consume excessive resource...

7.5CVSS6.9AI score0.00426EPSS
Exploits1References2
Snyk
Snyk
added 2025/04/27 9:34 p.m.6 views

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the manipulation of the Name argument. An attacker can cause the application to consume excessive resources leading to a denial of service by sending crafted inputs designed to trigger...

7.5CVSS6.6AI score0.00547EPSS
Exploits0References2
OSV
OSV
added 2025/04/14 11:38 a.m.11 views

BIT-PHP-MIN-2024-11235 Reference counting in php_request_shutdown causes Use-After-Free

In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the...

9.2CVSS8.3AI score0.01407EPSS
Exploits1References2
OSV
OSV
added 2025/04/14 11:38 a.m.16 views

BIT-PHP-2024-11235 Reference counting in php_request_shutdown causes Use-After-Free

In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the...

9.2CVSS8.3AI score0.01407EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/04/06 6:21 p.m.21 views

CVE-2024-11235

A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...

8.1CVSS6.8AI score0.01407EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/04/04 5:51 p.m.20 views

CVE-2024-11235 Reference counting in php_request_shutdown causes Use-After-Free

In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the...

9.2CVSS8.2AI score0.01407EPSS
Exploits1References1
Rows per page
Query Builder