
11 matches found

OSV
added 6 days ago, 4 views

GO-2026-5475 containerd image-triggered runtime DoS via unbounded group parsing in github.com/containerd/containerd

containerd image-triggered runtime DoS via unbounded group parsing in github.com/containerd/containerd...

5.8 AI score
Exploits: 0, References: 1

OSV
added 6 days ago, 4 views

USN-8471-1 containerd vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu...

9.4 CVSS, 6.4 AI score, 0.00781 EPSS
Exploits: 0, References: 4

Ubuntu
added 6 days ago, 9 views

USN-8473-1: containerd vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

9.4 CVSS, 6.4 AI score, 0.00781 EPSS
Exploits: 0

Tenable Nessus
added 2026/04/21 12:0 a.m., 5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013196)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013196 advisory. In the Linux kernel, the following vulnerability has been resolved: pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups of_find_node_by_phandle returns a...

5.7 AI score, 0.00184 EPSS
Exploits: 0, References: 4

OSV
added 2026/04/12 12:5 a.m., 9 views

OSV-2026-565 Heap-buffer-overflow in xmlFAParsePosCharGroup

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=501547873 Crash type: Heap-buffer-overflow READ 1 Crash state: xmlFAParsePosCharGroup xmlFAParseCharGroup xmlFAParseCharGroup...

5.7 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2025/09/30 12:0 a.m., 1 views

NewStart CGSL MAIN 6.06 : sudo Vulnerability (NS-SA-2025-0224)

The remote NewStart CGSL host, running version MAIN 6.06, has sudo packages installed that are affected by a vulnerability: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers file during authorizatio...

6.9 CVSS, 7.5 AI score, 0.00333 EPSS
Exploits: 0, References: 3

Microsoft CVE
added 2025/09/04 10:26 a.m., 7 views

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.

...

5.9 CVSS, 7 AI score, 0.0038 EPSS
Exploits: 0

OSV
added 2025/07/05 3:30 a.m., 5 views

GHSA-RXF6-323F-44FC Duplicate Advisory: rust-protobuf crate is vulnerable to Uncontrolled Recursion, potentially leading to DoS

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2gh3-rmm4-6rq5. This link is maintained to preserve external references. The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group...

5.9 CVSS, 5.7 AI score, 0.0038 EPSS
Exploits: 0, References: 6

OSV
added 2025/07/05 1:15 a.m., 3 views

UBUNTU-CVE-2025-53605

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input...

5.9 CVSS, 5.8 AI score, 0.0038 EPSS
Exploits: 0, References: 4

Amazon
added 2025/03/25 12:0 a.m., 7 views

Important: libcap

Issue Overview: The PAM module pam_cap.so of libcap configuration supports group names starting with "@", during actual parsing, configurations not starting with "@" are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potential...

6.1 CVSS, 6.8 AI score, 0.00149 EPSS
Exploits: 0

RedHat Linux
added 2016/06/23 10:32 a.m., 12 views

libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a...

7.8 CVSS, 7.8 AI score, 0.03239 EPSS
Exploits: 1, References: 4