Lucene search
K

438 matches found

RedHat Linux
RedHat Linux
added 2026/03/18 1:19 p.m.5 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

8.7CVSS6.8AI score0.00634EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/18 1:17 p.m.10 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

8.7CVSS6.8AI score0.00634EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/18 1:17 p.m.2 views

com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...

8.7CVSS6.8AI score0.00634EPSS
Exploits0References6
OSV
OSV
added 2026/03/18 4:17 a.m.7 views

DEBIAN-CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS6.9AI score0.0058EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/18 2:29 a.m.4 views

CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS5.8AI score0.00679EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/18 2:29 a.m.3 views

CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS6.9AI score0.0058EPSS
Exploits1
OSV
OSV
added 2026/03/17 5:35 p.m.3 views

GHSA-9XP9-J92R-P88V Parse Server crash via deeply nested query condition operators

Impact An unauthenticated attacker can crash the Parse Server process by sending a single request with deeply nested query condition operators. This terminates the server and denies service to all connected clients. Patches A depth limit for query condition operator nesting has been added via the...

8.7CVSS5.7AI score0.00483EPSS
Exploits0References5
OSV
OSV
added 2026/03/17 2:7 p.m.6 views

GHSA-V7CF-C9RM-WM3J Uncontrolled recursion DoS in JustHTML() via deeply nested HTML

Summary justhtml through 1.9.1 allows denial of service via deeply nested HTML. During parsing, JustHTML.init always reaches TreeBuilder.finish, which unconditionally calls populateselectedcontent. That function recursively traverses the DOM via findelements / findelement without a depth bound,...

7.1CVSS5.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/17 2:7 p.m.11 views

Uncontrolled recursion DoS in JustHTML() via deeply nested HTML

Summary justhtml through 1.9.1 allows denial of service via deeply nested HTML. During parsing, JustHTML.init always reaches TreeBuilder.finish, which unconditionally calls populateselectedcontent. That function recursively traverses the DOM via findelements / findelement without a depth bound,...

5.8AI score
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/17 12:26 a.m.4 views

SUSE CVE-2026-4224

When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs...

7.5CVSS5.8AI score0.00621EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.5 views

PT-2026-26165

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.21 and 8.6.45, an unauthenticated attacker can crash the Parse Server process by sending a single request with deeply nested query condition operators. This terminates the...

8.7CVSS5.7AI score0.00483EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/03/05 9:59 p.m.27 views

CVE-2026-28394 OpenClaw < 2026.2.15 - Denial of Service via Unbounded Response Parsing in web_fetch Tool

OpenClaw versions prior to 2026.2.15 contain a denial of service vulnerability in the webfetch tool that allows attackers to crash the Gateway process through memory exhaustion by parsing oversized or deeply nested HTML responses. Remote attackers can social-engineer users into fetching malicious...

6.9CVSS0.00388EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/24 3:37 p.m.2 views

python: protobuf: Protobuf: Denial of Service due to recursion depth bypass

A flaw was found in protobuf. A remote attacker can exploit this denial-of-service DoS vulnerability by supplying deeply nested google.protobuf.Any messages to the google.protobuf.jsonformat.ParseDict function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’...

8.2CVSS5.8AI score0.00613EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/23 4:2 p.m.2 views

python: protobuf: Protobuf: Denial of Service due to recursion depth bypass

A flaw was found in protobuf. A remote attacker can exploit this denial-of-service DoS vulnerability by supplying deeply nested google.protobuf.Any messages to the google.protobuf.jsonformat.ParseDict function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’...

8.2CVSS5.8AI score0.00613EPSS
Exploits0References5
Snyk
Snyk
added 2026/02/19 10:37 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in ReaderBasedJsonParser.java and UTF8DataInputJsonParser.java, when processing deeply nested data. A regression in 3.0 versions caused the StreamReadConstraints.maxNestingDepth setti...

8.7CVSS5.8AI score0.00552EPSS
Exploits0References2
CVE
CVE
added 2026/02/19 8:45 p.m.16 views

CVE-2026-27014

CVE-2026-27014 affects NanaZip’s ROMFS archive parser. From the provided records, versions before 6.0.1630.0 (specifically starting 5.0.1252.0 up to

5.5CVSS5.5AI score0.00152EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.9 views

ezBookkeeping 安全漏洞

ezBookkeeping is a lightweight personal accounting application developed by mayswind developers. Versions of ezBookkeeping 1.2.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of validation of nested depths during the processing of JSON and XML file...

6.5CVSS5.8AI score0.00288EPSS
Exploits1References1
OSV
OSV
added 2026/02/13 8:54 p.m.5 views

GHSA-8H58-W33P-WQ3G rPGP affected by crash in message handling for deeply nested messages

Summary Previous rPGP versions could be caused to crash with a "stack overflow" when parsing messages that contain deeply nested message layers, such as messages with many signatures. rPGP 0.19.0 resolves this issue with a more robust message handling implementation via...

8.7CVSS5.6AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-1849

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive function...

7.5CVSS6AI score0.00272EPSS
Exploits0References2
NVD
NVD
added 2026/02/10 7:15 p.m.13 views

CVE-2026-1849

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression...

7.5CVSS0.00272EPSS
Exploits0References1
Rows per page
Query Builder