Lucene search
+L

246 matches found

Microsoft CVE
Microsoft CVE
added 2025/04/01 7:0 a.m.3 views

jwt-go allows excessive memory allocation during header parsing

...

7.5CVSS7.2AI score0.00693EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/03/27 3:46 p.m.19 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS6.8AI score0.01261EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2025/03/27 12:0 a.m.17 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 For more details about the security issues, including the impact, a CVSS...

7.5CVSS6.8AI score0.00693EPSS
Exploits0References4
OSV
OSV
added 2025/03/26 5:24 p.m.15 views

GO-2025-3553 Excessive memory allocation during header parsing in github.com/golang-jwt/jwt

Excessive memory allocation during header parsing in github.com/golang-jwt/jwt...

7.5CVSS7.5AI score0.00693EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/21 9:42 p.m.139 views

CVE-2025-30204 jwt-go allows excessive memory allocation during header parsing

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

7.5CVSS0.00693EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2017-15996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other...

7.8CVSS7.8AI score0.02357EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2017-14938

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bfdelfslurpversiontables in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a...

5.5CVSS6.9AI score0.02024EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-30831

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where insufficient validation of the RAS header read from EEPROM could lead to excessive memory allocation when the header is corrupted. This can occur...

6CVSS6.6AI score0.00157EPSS
Exploits0
Veracode
Veracode
added 2024/10/18 9:57 a.m.7 views

Denial Of Service (DoS)

github.com/mattermost/mattermost-server is vulnerable to Denial Of Service DoS. The vulnerability is due to improper memory management in the image proxy component, which allows an attacker to allocate excessive memory for multiple copies of proxied images without adequately handling large file...

6.5CVSS6.6AI score0.00882EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/09/28 12:0 a.m.25 views

RHEL 9 : ant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ant: excessive memory allocation when reading a specially crafted TAR archive CVE-2021-36373 Note that Nessus has n...

5.5CVSS9.6AI score0.02511EPSS
Exploits0References1
Veracode
Veracode
added 2024/08/30 11:45 a.m.19 views

Denial Of Service (DOS)

TensorFlow is vulnerable to a denial of service. The vulnerability is due to the improper handling of the dimensionality of the output tensor in TensorFlow Lite's segment sum implementation,where the code uses the last element of the tensor holding segment IDs to determine the output tensor's siz...

4.3CVSS7.1AI score0.00632EPSS
Exploits1References7Affected Software3
OSV
OSV
added 2024/07/24 7:16 a.m.22 views

BIT-ARGO-CD-2024-40634 Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. This report details a security vulnerability in Argo CD, where an unauthenticated attacker can send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation that leads to...

7.5CVSS7.3AI score0.01392EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/07/22 2:28 p.m.60 views

CVE-2024-41132 SixLabors ImageSharp Allows Excessive Memory Allocation in Gif Decoder

ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit...

5.3CVSS0.00774EPSS
Exploits0References9
Mageia
Mageia
added 2024/06/28 2:41 a.m.27 views

Updated libopenmpt packages fix security vulnerabilities

Possible out-of-bounds read or write when reading malformed MED files. r19389. Null-pointer write 32bit platforms or excessive memory allocation 64bit platforms when reading close to 4GiB of data from unseekable files r20336, r20338. Write buffer overflow when reading unseekable files close to 4G...

7.8AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/06/22 12:0 a.m.23 views

SUSE SLES15 / openSUSE 15 Security Update : podofo (SUSE-SU-2024:2137-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2137-1 advisory. - CVE-2019-9199: Fixed a NULL pointer dereference in podofoimpose bsc1127855 - CVE-2018-20797: Fixed an excessive memory allocati...

8.8CVSS6.7AI score0.02552EPSS
Exploits3References10
CVE
CVE
added 2024/06/20 10:16 p.m.60 views

CVE-2024-38359

The CVE-2024-38359 vulnerability affects the Lightning Network Daemon (lnd) in its onion processing logic, causing a Denial-of-Service due to excessive memory allocation. It has been patched in lnd v0.17.0; upgrading to a version greater than 0.17.0 mitigates the issue. As a partial mitigation, u...

6.5CVSS6.4AI score0.00572EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/06/20 10:16 p.m.56 views

CVE-2024-38359 Lightning Network Daemon Onion Bomb

The Lightning Network Daemon lnd - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version v0.17.0 to be...

6.5CVSS0.00572EPSS
Exploits0References5
OSV
OSV
added 2024/06/18 8:34 a.m.26 views

SUSE-SU-2024:1498-2 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup JDK-8315708,bsc1222987 -...

3.7CVSS5.7AI score0.01361EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.26 views

RHEL 6 : openexr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenEXR: Out-of-bounds write in the = operator function CVE-2017-9115 - In OpenEXR 2.2.0, a crafted image...

8.8CVSS7.4AI score0.0331EPSS
Exploits1References9
OSV
OSV
added 2024/05/06 1:4 p.m.44 views

RLSA-2024:1822 Moderate: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122 CVE-2024-21068...

3.7CVSS5.4AI score0.01361EPSS
Exploits0References6
Rows per page
Query Builder