Lucene search
K

3470 matches found

NVD
NVD
added 2026/01/22 1:15 a.m.9 views

CVE-2026-23952

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL Magick Scripting Language parser when processing tags before images are loaded. This can lead to DoS attack due to...

7.5CVSS0.0043EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/20 11:49 a.m.3 views

CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/20 11:49 a.m.5 views

CVE-2025-14369 CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.8AI score0.00147EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : nodejs-16.20.2-4.el9_3 (AXSA:2024-7625:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7625:01 advisory. nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks CVE-2024-22019 Tenable has extracted the preceding description blo...

7.5CVSS7.9AI score0.03168EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : expat-2.5.0-3.el9_5.1 (AXSA:2024-9401:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9401:09 advisory. libexpat: expat: DoS via XMLResumeParser CVE-2024-50602 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

5.9CVSS7AI score0.0104EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : nodejs:14 (AXSA:2021-1568:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1568:01 advisory. nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22883 nodejs: DNS rebinding in --inspect CVE-2021-22884 Tenable has...

7.8CVSS7.7AI score0.77385EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53592)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...

6.5CVSS5.5AI score0.00286EPSS
Exploits0References2
OSV
OSV
added 2026/01/19 7:17 p.m.5 views

CVE-2025-69199 Pterodactyl Wings's websocket endpoints have no visible rate limits or monitoring, allowing for DOS attacks under certain circumstances

Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.0, websockets within wings lack proper rate limiting and throttling. As a result a malicious user can open a large number of connections and then request data through these...

8.3CVSS5.6AI score0.00251EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003797 advisory. An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect isizewrite properly, which causes an isizeread infinite loop and denial o...

7.5CVSS7AI score0.02895EPSS
Exploits1References8
NVD
NVD
added 2026/01/15 9:16 p.m.34 views

CVE-2025-60003

A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...

8.7CVSS0.00367EPSS
Exploits0References2
OSV
OSV
added 2026/01/15 10:14 a.m.7 views

USN-7916-2 python-apt regression

USN-7916-1 fixed a vulnerability in python-apt. The update had a PEP 440 incompatible version. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Julian Andres Klode discovered that python-apt incorrectly handled deb822 configuration files. An attacker...

6.9CVSS5.8AI score0.00127EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.6 views

Oracle Linux 8 : cups (ELSA-2026-0596)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0596 advisory. - RHEL-129729 CVE-2025-58436 cups: Slow client communication leads to a possible DoS attack Tenable has extracted the preceding description block...

6.7CVSS5.5AI score0.00409EPSS
Exploits2References3
OSV
OSV
added 2026/01/13 8:27 p.m.8 views

CVE-2026-22868 go-ethereum has a DoS via malicious p2p message

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.16.8...

7.1CVSS6.8AI score0.00569EPSS
Exploits0References4
OSV
OSV
added 2026/01/09 2:6 p.m.6 views

OESA-2026-1037 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS7.3AI score0.00552EPSS
Exploits2References4
OSV
OSV
added 2026/01/09 2:6 p.m.7 views

OESA-2026-1033 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS7.3AI score0.00552EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2026/01/09 11:59 a.m.7 views

CVE-2018-19212

In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser that will lead to a DoS attack...

6.5CVSS6.7AI score0.0086EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.9 views

CVE-2022-31075

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, EdgeCore may be susceptible to a DoS attack on CloudHub if an attacker was to send a well-crafted HTTP request to /edge.crt. I...

6.5CVSS6.6AI score0.00927EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/08 9:47 p.m.174 views

vLLM introduced enhanced protection for CVE-2025-62164

Summary The fix here for CVE-2025-62164 is not sufficient. The fix only disables prompt embeds by default rather than addressing the root cause, so the DoS vulnerability remains when the feature is enabled. Details vLLM's pending change attempts to fix the root cause, which is the missing sparse...

8.8CVSS6.8AI score0.00831EPSS
Exploits0References3Affected Software1
SUSE Linux
SUSE Linux
added 2026/01/08 1:22 p.m.5 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-68618: read a malicious SVG file may result in a DoS attack bsc1255821. CVE-2025-68950: check for circular references in mvg files may lead to stack overflow bsc1255822. CVE-2025-69204: an integer overflow can lead to a DoS attack...

5.1CVSS7.1AI score0.00552EPSS
Exploits2References12
RedhatCVE
RedhatCVE
added 2026/01/07 9:10 a.m.6 views

CVE-2019-16536

Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3...

8.8CVSS6.9AI score0.00749EPSS
Exploits0References1
Rows per page
Query Builder