Lucene search
+L

3476 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/24 12:0 a.m.3 views

SUSE SLES15 / openSUSE 15 Security Update : python-marshmallow (SUSE-SU-2026:0226-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0226-1 advisory. - CVE-2025-68480: Fixed possible DoS when using Schema.loaddata, many=True bsc1255473. Tenable has extracted the preceding...

5.3CVSS5.6AI score0.00252EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/01/23 3:31 p.m.19 views

protobuf affected by a JSON recursion depth bypass

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...

8.2CVSS5.6AI score0.00613EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/01/23 12:24 p.m.7 views

OESA-2026-1246 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

9.8CVSS6.9AI score0.00609EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-14369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC...

5.5CVSS6.3AI score0.00147EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/22 4:16 p.m.22 views

CVE-2026-23764 VB-Audio Voicemeeter & Matrix Drivers DoS via Corrupted IoAllocateMdl Length

VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively, as well as VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a vulnerability in their virtual aud...

6.8CVSS0.00139EPSS
Exploits0References5
NVD
NVD
added 2026/01/22 1:15 a.m.10 views

CVE-2026-23952

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL Magick Scripting Language parser when processing tags before images are loaded. This can lead to DoS attack due to...

7.5CVSS0.0043EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/20 11:49 a.m.3 views

CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/20 11:49 a.m.6 views

CVE-2025-14369 CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.8AI score0.00147EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : nodejs:14 (AXSA:2021-1568:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1568:01 advisory. nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22883 nodejs: DNS rebinding in --inspect CVE-2021-22884 Tenable has...

7.8CVSS7.7AI score0.77385EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : nodejs-16.20.2-4.el9_3 (AXSA:2024-7625:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7625:01 advisory. nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks CVE-2024-22019 Tenable has extracted the preceding description blo...

7.5CVSS7.9AI score0.03168EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : expat-2.5.0-3.el9_5.1 (AXSA:2024-9401:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9401:09 advisory. libexpat: expat: DoS via XMLResumeParser CVE-2024-50602 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

5.9CVSS7AI score0.0104EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53592)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...

6.5CVSS5.5AI score0.00286EPSS
Exploits0References2
OSV
OSV
added 2026/01/19 7:17 p.m.6 views

CVE-2025-69199 Pterodactyl Wings's websocket endpoints have no visible rate limits or monitoring, allowing for DOS attacks under certain circumstances

Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.0, websockets within wings lack proper rate limiting and throttling. As a result a malicious user can open a large number of connections and then request data through these...

8.3CVSS5.6AI score0.00251EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003797 advisory. An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect isizewrite properly, which causes an isizeread infinite loop and denial o...

7.5CVSS7AI score0.02895EPSS
Exploits1References8
NVD
NVD
added 2026/01/15 9:16 p.m.35 views

CVE-2025-60003

A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...

8.7CVSS0.00367EPSS
Exploits0References2
OSV
OSV
added 2026/01/15 10:14 a.m.8 views

USN-7916-2 python-apt regression

USN-7916-1 fixed a vulnerability in python-apt. The update had a PEP 440 incompatible version. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Julian Andres Klode discovered that python-apt incorrectly handled deb822 configuration files. An attacker...

6.9CVSS5.8AI score0.00127EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.6 views

Oracle Linux 8 : cups (ELSA-2026-0596)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0596 advisory. - RHEL-129729 CVE-2025-58436 cups: Slow client communication leads to a possible DoS attack Tenable has extracted the preceding description block...

6.7CVSS5.5AI score0.00409EPSS
Exploits2References3
OSV
OSV
added 2026/01/13 8:27 p.m.9 views

CVE-2026-22868 go-ethereum has a DoS via malicious p2p message

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.16.8...

7.1CVSS6.8AI score0.00569EPSS
Exploits0References4
OSV
OSV
added 2026/01/09 2:6 p.m.7 views

OESA-2026-1037 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS7.3AI score0.00552EPSS
Exploits2References4
OSV
OSV
added 2026/01/09 2:6 p.m.10 views

OESA-2026-1033 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS7.3AI score0.00552EPSS
Exploits2References4
Rows per page
Query Builder