Lucene search
K

327 matches found

RedHat Linux
RedHat Linux
added 4 days ago2 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
NVD
NVD
added 5 days ago8 views

CVE-2026-15308

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS0.00553EPSS
Exploits0References8
Cvelist
Cvelist
added 5 days ago47 views

CVE-2026-15308 Incremental HTMLParser feed() allows CPU-exhaustion DoS via repeated unterminated markup declarations

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS0.00553EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 5 days ago7 views

CVE-2026-15308 Incremental HTMLParser feed() allows CPU-exhaustion DoS via repeated unterminated markup declarations

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS5.9AI score0.00553EPSS
Exploits0References7
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42638

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS5.9AI score0.00553EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-56871

Name of the Vulnerable Software and Affected Versions CPython affected versions not specified Description The incremental HTML parser html.parser.HTMLParser contains an issue that allows for CPU denial-of-service when processing uncontrolled data. The root cause is improper input handling that...

8.7CVSS6AI score0.00553EPSS
Exploits0References22
RedHat Linux
RedHat Linux
added 2026/07/06 2:31 p.m.4 views

kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUGON in osdmapapplyincremental If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...

7.5CVSS5.8AI score0.00341EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 12:20 a.m.6 views

kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUGON in osdmapapplyincremental If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...

7.5CVSS6.5AI score0.00341EPSS
Exploits0References5
OSV
OSV
added 2026/06/27 6:4 a.m.6 views

RLSA-2026:28581 Important: python3.14 security, bug fix, and enhancement update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.1CVSS7.5AI score0.0029EPSS
Exploits1References3
Rockylinux
Rockylinux
added 2026/06/27 6:4 a.m.6 views

python3.14 security, bug fix, and enhancement update

An update is available for python3.14. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

7.1CVSS7.6AI score0.0029EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.9 views

RockyLinux 10 : python3.14 (RLSA-2026:28581)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:28581 advisory. python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open API CVE-2026-4786 python: Python: Cross-Site Scripting XSS...

7.1CVSS6.3AI score0.0029EPSS
Exploits1References5
NVD
NVD
added 2026/06/25 1:16 p.m.10 views

CVE-2026-40209

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS0.00404EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 12:23 p.m.8 views

CVE-2026-40209

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 12:23 p.m.31 views

CVE-2026-40209 Denial of service via IXFR queries

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS0.00404EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 12:23 p.m.12 views

CVE-2026-40209

CVE-2026-40209 describes a denial-of-service risk where an attacker can send IXFR queries causing outgoing TCP connections to a backend to remain open until timeouts, potentially exhausting available file descriptors or hitting concurrent-connection limits. The core issue is a hang/linger conditi...

5.3CVSS5.8AI score0.00404EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:23 p.m.5 views

EUVD-2026-39348

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/25 12:23 p.m.5 views

CVE-2026-40209

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/06/24 12:3 p.m.12 views

python3.14 security, bug fix, and enhancement update

An update is available for python3.14. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...

7.1CVSS6.3AI score0.0029EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/06/24 5:8 a.m.9 views

Important: Red Hat Security Advisory: python3.14 security, bug fix, and enhancement update

An update for python3.14 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.1CVSS6.4AI score0.0029EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/23 11:39 p.m.12 views

Important: Red Hat Security Advisory: python3.14 security, bug fix, and enhancement update

An update for python3.14 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

7.1CVSS6.4AI score0.0029EPSS
Exploits1References3
Rows per page
Query Builder