11278 matches found
Security Bulletin: IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service (CVE-2026-7771)
Summary IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service. Vulnerability Details CVEID:CVE-2026-7771 DESCRIPTION: DB2 for Linux is vulnerable to a trap when compiling a specially crafted statements containing...
CVE-2026-59935
A flaw was found in pypdf, a pure-python PDF library. A remote attacker can craft a malicious PDF file containing an unterminated inline image within the page content stream. When this crafted PDF is parsed, it can lead to an infinite loop, resulting in a denial of service DoS due to resource...
CVE-2026-59874
A flaw was found in node-tar, a tar archive manipulation library for Node.js. A remote attacker could exploit this vulnerability by providing a specially crafted tar archive with a negative entry size in its header. This malformed header causes the archive scanner to enter an infinite loop,...
CVE-2026-55865
Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...
EUVD-2026-38358
pypdf: Possible infinite loop when processing threads/articles in writer...
CVE-2026-55865
Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...
CVE-2026-55865
CVE-2026-55865 concerns the Python Liquid template engine. Before version 2.2.1, a malformed {% case %} tag without a corresponding {% when %} or {% else %} and without a terminating {% endcase %} could cause an infinite loop during parsing, due to an incorrect EOF token handling in liquid.TokenS...
DEBIAN-CVE-2026-56289
GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...
CVE-2026-56289
GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...
CVE-2026-59936
A flaw was found in pypdf, a pure-Python PDF library. A remote attacker can craft a malicious PDF document containing an unterminated inline image within its page content stream. When a user processes this crafted PDF, such as during text extraction, the vulnerability causes an infinite loop,...
EUVD-2026-42557
GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...
CVE-2026-56289
CVE-2026-56289 affects GNU patch. The vulnerability is a DoS caused by improper validation of hunk line offsets in unified-diff input, where a crafted patch can specify an extremely large line number, causing an effectively infinite processing loop and high CPU usage, rendering the process unresp...
Erlang/OTP 17.0 < 27.3.4.14 / 28.0 < 28.5.0.3 / 29.0 < 29.0.3 Multiple Vulnerabilities
The version of Erlang/OTP installed on the remote host is 17.0 prior to 27.3.4.14, 28.0 prior to 28.5.0.3, or 29.0 prior to 29.0.3. It is, therefore, affected by multiple vulnerabilities: - Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFT...
PT-2026-56776
Name of the Vulnerable Software and Affected Versions GNU patch affected versions not specified Description Improper validation of hunk line offsets in unified-diff input allows a denial of service DoS. A hunk is a single block of changes within a diff file. By supplying a specially crafted patch...
Linux Distros Unpatched Vulnerability : CVE-2026-59936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated...
CVE-2026-54772 CoreWCF: Pre-authentication infinite-loop CPU exhaustion in CoreWCF net.tcp / net.pipe / net.uds framing handshake
CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, an unauthenticated remote attacker that can reach a NetTcpBinding, NetNamedPipeBinding, or UnixDomainSocketBinding endpoint can trigger premature EOF handling in the CoreWCF...
CVE-2026-15163 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service...
CVE-2026-15163
CVE-2026-15163 affects Wireshark up to 4.6.6 and 4.4.16, where multiple protocol dissectors can enter infinite loops due to an unreachable exit condition, causing denial of service (application unresponsiveness). Severity varies by source: NVD lists CVSSv3.1 impact as High (AV:N/AC:L/PR:N/UI:N/S:...
CVE-2026-59935
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issu...
CVE-2026-59936
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...