CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2024/09/07 12:10 a.m.•33 views

CVE-2024-34156

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Mitigation Mitigation for this issue is either not available o...

7.5CVSS7.4AI score0.00298EPSS

Exploits0References7

NVD•added 2024/09/06 9:15 p.m.•35 views

CVE-2024-34156

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

7.5CVSS0.00298EPSS

Exploits0References5

OSV•added 2024/09/06 9:15 p.m.•28 views

CVE-2024-34156

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

7.6AI score

Exploits0References5

CVE•added 2024/09/06 8:42 p.m.•558 views

CVE-2024-34156

CVE-2024-34156 affects Go’s Decoder.Decode when processing messages with deeply nested structures, leading to a panic from stack exhaustion. The issue is tied to the Go standard library (golang) and has been discussed in Go-related advisories and public postings (e.g., the follow-up to CVE-2022-3...

7.5CVSS8.9AI score0.00298EPSS

Exploits0References5

Vulnrichment•added 2024/09/06 8:42 p.m.•23 views

CVE-2024-34156 Stack exhaustion in Decoder.Decode in encoding/gob

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

6.9AI score0.00298EPSS

Exploits0References4

AlpineLinux•added 2024/09/06 8:42 p.m.•56 views

CVE-2024-34156

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

7.5CVSS9.1AI score0.00298EPSS

Exploits0

NVD•added 2023/11/14 11:15 a.m.•24 views

CVE-2023-44373

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...

9.4CVSS0.00533EPSS

Exploits0References8

Cvelist•added 2023/11/14 11:4 a.m.•28 views

CVE-2023-44373

9.4CVSS9.4AI score0.00533EPSS

Exploits0References8

OpenVAS•added 2021/08/17 12:0 a.m.•20 views

openSUSE: Security Advisory for cpio (openSUSE-SU-2021:2689-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS8.1AI score0.26333EPSS

Exploits1References2

UbuntuCve•added 2014/02/04 9:55 p.m.•22 views

CVE-2014-1694

Multiple cross-site request forgery CSRF vulnerabilities in 1 CustomerPreferences.pm, 2 CustomerTicketMessage.pm, 3 CustomerTicketProcess.pm, and 4 CustomerTicketZoom.pm in Kernel/Modules/ in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allow...

6.8CVSS6AI score0.00584EPSS

Exploits1References3

Debian CVE•added 2006/10/03 11:0 p.m.•31 views

CVE-2006-5160

Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox...

8.1CVSS7.1AI score0.00447EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by