Lucene search
K

77 matches found

Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.9 views

PT-2025-47405

Name of the Vulnerable Software and Affected Versions joserfc versions 1.3.3 through 1.3.4 joserfc versions 1.4.0 through 1.4.1 Description The joserfc library has an issue where excessively large JWT JSON Web Token payloads can be logged, potentially leading to resource exhaustion. Specifically,...

9.2CVSS6.7AI score0.00329EPSS
Exploits1References27
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.6 views

joserfc 安全漏洞

joserfc is a Python library open-sourced by Authlib. A security vulnerability exists in joserfc version 1.3.3 up to and including version 1.3.5 and version 1.4.0 up to and including version 1.4.2, which stems from an ExceededSizeError exception message embedded in the Undecoded JWT Token section,...

9.2CVSS6.4AI score0.00329EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-35000

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00954EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/24 12:0 a.m.6 views

PT-2025-39269

Name of the Vulnerable Software and Affected Versions versions prior to 2025 affected versions not specified Description An information disclosure issue exists while decoding an RTP packet received by a User Equipment UE from the network. This occurs when the payload length indicated in the packe...

8.2CVSS6.2AI score0.00242EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from cakeenqueue not returning NETXMITCN correctly when bufferlimit is exceeded, which could lead to an error...

7.8CVSS6.8AI score0.00168EPSS
Exploits0References9
OSV
OSV
added 2025/08/11 1:52 p.m.5 views

BIT-LIBPYTHON-2023-36632

The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed ...

7.5CVSS8.7AI score0.01584EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/08/05 6:51 a.m.4 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

7.7CVSS7.1AI score0.73495EPSS
Exploits3References6
OSV
OSV
added 2025/08/04 8:16 p.m.5 views

CLSA-2025-1754338597 Fix CVE(s): CVE-2025-6965

SECURITY UPDATE: excessive aggregate terms potentially leading to memory corruption - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965...

7.7CVSS6.7AI score0.73495EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.6 views

CVE-2022-36104

TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as an error message from another page. This leads t...

7.5CVSS6.7AI score0.01312EPSS
Exploits0References1
Citrix
Citrix
added 2025/05/15 12:0 a.m.112 views

NetScaler shows an error stating "String length exceeds maximum [passplain, 31]"

When trying to update an existing certificate file with a new certificate file, upon clicking 'Ok', you see the following error appear: "String length exceeds maximum passplain, 31" The attempt to save the changes made fail because of the error which appears...

7.1AI score
Exploits0
Veeam
Veeam
added 2024/08/28 12:0 a.m.659 views

Failed to collect disk files location data. Timeout exceeded.

Challenge A Backup from Storage Snapshot BfSS job in Veeam Backup & Replication VBR for a vSphere virtual machine VM fails with the error: Failed to collect disk files location data. Timeout exceeded. Cause This error is displayed when the disk file location collection task, Map Disk Region, with...

5.8AI score
Exploits0Affected Software1
OSV
OSV
added 2024/08/21 7:15 a.m.4 views

UBUNTU-CVE-2023-52910

In the Linux kernel, the following vulnerability has been resolved: iommu/iova: Fix alloc iova overflows issue In allocandinsertiovarange, there is an issue that retrypfn overflows. The value of iovad-anchor.pfnhi is 0UL, then when iovad-cachednode is iovad-anchor, curriova-pfnhi + 1 will overflo...

5.5CVSS6AI score0.00236EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/22 4:33 p.m.4 views

OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

3.7CVSS7.1AI score0.00746EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/22 3:30 p.m.5 views

OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

3.7CVSS7.1AI score0.00746EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/18 3:5 p.m.5 views

OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

3.7CVSS7.1AI score0.00746EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/17 11:49 a.m.10 views

OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

3.7CVSS7.1AI score0.00746EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2024/03/22 5:5 p.m.50 views

K000138991: BIND vulnerability CVE-2023-6516

Security Advisory Description To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is...

7.5CVSS7.5AI score0.01097EPSS
Exploits0
OSV
OSV
added 2024/03/15 9:15 p.m.7 views

UBUNTU-CVE-2021-47117

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4escacheextent as ext4splitextentat failed We got follow bugon when run fsstress with injecting IO fault: 130747.323114 kernel BUG at fs/ext4/extentsstatus.c:762! 130747.323117 Internal error: Oops - BUG: 0...

5.5CVSS6.2AI score0.0024EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.4 views

PT-2024-11169 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A bug has been fixed in the Linux kernel's ext4 file system, specifically in the ext4 es cache extent function, which is called by ext4 split extent at. The issue occurs when running...

7.8CVSS6.7AI score0.08555EPSS
Exploits6References1078
OSV
OSV
added 2024/02/28 9:15 a.m.11 views

CVE-2021-46983

In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry counter exceeded error is received. This leads to nvmetrdmaerrorcomp which tried accessing the...

5.5CVSS7.4AI score
Exploits0References4
Rows per page
Query Builder