
22 matches found

Tenable Nessus
added 2026/05/14 12:0 a.m. | 11 views

MiracleLinux 9 : jq-1.6-19.el9_7.0.2 (AXSA:2026-614:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-614:01 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON...

CVSS: 8.2 | AI score: 5.8 | EPSS: 0.00559
Exploits: 1 | References: 3

UbuntuCve
added 2026/04/14 12:16 a.m. | 5 views

CVE-2026-40164

jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 for all JSON object hash table operations, which allowed an attacker to precompute key collisions offline. By supplying a crafted JSO...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00366
Exploits: 0 | References: 5

Tenable Nessus
added 2026/01/19 12:0 a.m. | 7 views

MiracleLinux 3 : ruby-1.8.5-22.1.0.1.AXS3 (AXSA:2012-99:1)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-99:1 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system...

CVSS: 7.8 | AI score: 5.6 | EPSS: 0.04246
Exploits: 2 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 9 views

EUVD-2011-0557

Malware in sbrugna...

CVSS: 5 | AI score: 8 | EPSS: 0.01797
Exploits: 0 | References: 12

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-4074

Malicious code in bioql PyPI...

CVSS: 2.6 | AI score: 4.1 | EPSS: 0.00176
Exploits: 0 | References: 6

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2022-1797

Malicious code in bioql PyPI...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.03351
Exploits: 0 | References: 7

OSV
added 2025/09/17 8:11 p.m. | 3 views

GHSA-HX2H-VJW2-8R54 DragonFly has weak integrity checks for downloaded files

Impact The DragonFly2 uses a variety of hash functions, including the MD5 hash. This algorithm does not provide collision resistance; it is secure only against preimage attacks. While these security guarantees may be enough for the DragonFly2 system, it is not completely clear if there are any...

CVSS: 6.9 | AI score: 6.9 | EPSS: 0.00152
Exploits: 0 | References: 5

RedHat Linux
added 2025/08/13 5:3 a.m. | 8 views

Moderate: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

CVSS: 5.9 | AI score: 6.8 | EPSS: 0.00276
Exploits: 0 | References: 2

Veracode
added 2025/06/02 4:46 a.m. | 9 views

Hash Collision Attack

vllm is vulnerable to hash collision and data integrity issues. The vulnerability is due to improper image serialization using only raw pixel bytes without metadata, allowing attackers to create images with identical hashes and exploit cache poisoning or access sensitive data...

CVSS: 7.3 | AI score: 4.3 | EPSS: 0.00266
Exploits: 0 | References: 6 | Affected Software: 1

RedhatCVE
added 2025/04/02 7:36 p.m. | 13 views

CVE-2025-29908

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVSS: 5.3 | AI score: 7.2 | EPSS: 0.00545
Exploits: 0 | References: 1

OSV
added 2025/03/31 9:47 p.m. | 10 views

GHSA-HQQC-JR88-P6X2 Netty QUIC hash collision DoS attack

An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. See...

CVSS: 5.3 | AI score: 7.1 | EPSS: 0.00545
Exploits: 0 | References: 5

NVD
added 2025/03/31 7:15 p.m. | 25 views

CVE-2025-29908

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVSS: 5.3 | EPSS: 0.00545
Exploits: 0 | References: 3

Vulnrichment
added 2025/03/31 6:43 p.m. | 6 views

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVSS: 5.3 | AI score: 7.1 | EPSS: 0.00545
Exploits: 0 | References: 3

CVE
added 2025/03/31 6:43 p.m. | 71 views

CVE-2025-29908

CVE-2025-29908 affects the Netty QUIC codec (netty-incubator-codec-quic) which uses quiche. The issue is a hash collision in the hash map that manages connections, allowing a remote attacker to induce a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs), causing consi...

CVSS: 5.3 | AI score: 5.2 | EPSS: 0.00545
Exploits: 0 | References: 3

OSV
added 2025/03/31 6:43 p.m. | 8 views

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVSS: 5.3 | AI score: 6.6 | EPSS: 0.00545
Exploits: 0 | References: 5

RedhatCVE
added 2025/02/22 12:26 a.m. | 6 views

CVE-2025-24947

A hash collision vulnerability in the hash table used to manage connections in LSQUIC aka LiteSpeed QUIC before 4.2.0 allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. This is caused by...

CVSS: 5.3 | AI score: 6.9 | EPSS: 0.00622
Exploits: 0 | References: 1

OSV
added 2025/02/20 3:32 a.m. | 4 views

GHSA-9F57-9RHG-4HVM Kwik hash collision vulnerability

An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

CVSS: 5.3 | AI score: 5.3 | EPSS: 0.00535
Exploits: 0 | References: 5

OSV
added 2025/02/20 3:15 a.m. | 8 views

CVE-2025-24947

A hash collision vulnerability in the hash table used to manage connections in LSQUIC aka LiteSpeed QUIC before 4.2.0 allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. This is caused by...

CVSS: 5.3 | AI score: 6.9
Exploits: 0 | References: 3

CVE
added 2025/02/20 12:0 a.m. | 53 views

CVE-2025-24947

CVE-2025-24947 (LSQUIC) : LSQUIC (LiteSpeed QUIC) versions prior to 4.2.0 are affected by a hash collision vulnerability in the hash table used to manage connections. Remote attackers can trigger a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs) due to XXH32 usage,...

CVSS: 5.3 | AI score: 5.3 | EPSS: 0.00622
Exploits: 0 | References: 3

OSV
added 2020/08/06 6:4 p.m. | 5 views

SUSE-SU-2020:2157-1 Security update for python-ipaddress

This update for python-ipaddress fixes the following issues: - Add CVE-2020-14422-ipaddress-hash-collision.patch fixing CVE-2020-14422 bsc1173274, bpo41004, where hash collisions in IPv4Interface and IPv6Interface could lead to DOS...

CVSS: 5.9 | AI score: 6.6 | EPSS: 0.12826
Exploits: 0 | References: 3