serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization

A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...

Improper Handling of Windows Device Names

Overview Affected versions of this package are vulnerable to Improper Handling of Windows Device Names via the safejoin function. An attacker can cause the application to hang indefinitely by requesting a path ending with a Windows special device name. Notes: 1 This is only vulnerable on Windows,...

EUVD-2022-52465

Malicious code in bioql PyPI...

CVE-2025-38436

In the Linux kernel, the following vulnerability has been resolved: drm/scheduler: signal scheduled fence when kill job When an entity from application B is killed, drmschedentitykill removes all jobs belonging to that entity through drmschedentitykilljobswork. If application A's job depends on a...

Denial Of Service (DoS)

org.jboss.narayana.rts:lra-coordinator-jar is vulnerable to a denial of service DoS. The vulnerability is due to a race condition in the LRA Coordinator component. If Cancel is called on an LRA and Join is called with the same LRA ID within approximately 2 seconds, the application may crash or ha...

BIT-GOLANG-2022-30634 Indefinite hang with large buffers on Windows in crypto/rand

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 32 - 1 bytes...

CVE-2022-30634

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 32 - 1 bytes...

CVE-2022-30634

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 32 - 1 bytes...

CVE-2022-30634

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 32 - 1 bytes...

CVE-2022-30634 Indefinite hang with large buffers on Windows in crypto/rand

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 32 - 1 bytes...

GO-2022-0477 Indefinite hang with large buffers on Windows in crypto/rand

On Windows, rand.Read will hang indefinitely if passed a buffer larger than 1 32 - 1 bytes...

httpd: mod_cgid denial of service

A denial of service flaw was found in the way httpd's modcgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely...