Lucene search
K

11326 matches found

NVD
NVD
added yesterday2 views

CVE-2026-54119

Loop with unreachable exit condition 'infinite loop' in Windows Active Directory allows an unauthorized attacker to deny service over a network...

7.5CVSS
Exploits0References1
OSV
OSV
added yesterday3 views

CVE-2026-59203 Pillow EpsImagePlugin negative %%BeginBinary byte count causes infinite loop denial of service

Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open to seek backwards to the same directive and parse it repeatedly in an infinite...

5.3CVSS6.1AI score
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service (CVE-2026-7771)

Summary IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service. Vulnerability Details CVEID:CVE-2026-7771 DESCRIPTION: IBM Db2 is vulnerable to a trap when compiling a specially crafted statements containing subqueries...

6.1AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-58210

Name of the Vulnerable Software and Affected Versions Azure Active Directory versions prior to 8.19.2 Description An infinite loop occurs when an unreachable exit condition is triggered, allowing an unauthorized attacker to remotely cause a denial of service over a network. Recommendations Update...

7.5CVSS6.1AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 5 days ago7 views

CVE-2026-59935

A flaw was found in pypdf, a pure-python PDF library. A remote attacker can craft a malicious PDF file containing an unterminated inline image within the page content stream. When this crafted PDF is parsed, it can lead to an infinite loop, resulting in a denial of service DoS due to resource...

8.7CVSS6.1AI score0.00352EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 5 days ago4 views

Loop with Unreachable Exit Condition in GNU patch

...

5.5CVSS6.1AI score0.00115EPSS
Exploits0
RedhatCVE
RedhatCVE
added 6 days ago6 views

CVE-2026-59874

A flaw was found in node-tar, a tar archive manipulation library for Node.js. A remote attacker could exploit this vulnerability by providing a specially crafted tar archive with a negative entry size in its header. This malformed header causes the archive scanner to enter an infinite loop,...

8.7CVSS5.8AI score0.00358EPSS
Exploits1References6
NVD
NVD
added 6 days ago5 views

CVE-2026-55865

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...

7.1CVSS0.00451EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago11 views

EUVD-2026-38358

pypdf: Possible infinite loop when processing threads/articles in writer...

6.9CVSS5.9AI score0.00111EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-55865

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...

7.1CVSS6AI score0.00451EPSS
Exploits0References4Affected Software1
OSV
OSV
added 6 days ago3 views

CVE-2026-55865 Python Liquid: Infinite loop when parsing malformed `{% case %}` tags

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...

7.1CVSS6.1AI score0.00451EPSS
Exploits0References5
CVE
CVE
added 6 days ago15 views

CVE-2026-55865

CVE-2026-55865 concerns the Python Liquid template engine. Before version 2.2.1, a malformed {% case %} tag without a corresponding {% when %} or {% else %} and without a terminating {% endcase %} could cause an infinite loop during parsing, due to an incorrect EOF token handling in liquid.TokenS...

7.1CVSS6AI score0.00451EPSS
Exploits0References3
OSV
OSV
added 6 days ago2 views

DEBIAN-CVE-2026-56289

GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...

5.5CVSS6AI score0.00115EPSS
Exploits0References1
NVD
NVD
added 6 days ago7 views

CVE-2026-56289

GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...

5.5CVSS0.00115EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 6 days ago6 views

CVE-2026-59936

A flaw was found in pypdf, a pure-Python PDF library. A remote attacker can craft a malicious PDF document containing an unterminated inline image within its page content stream. When a user processes this crafted PDF, such as during text extraction, the vulnerability causes an infinite loop,...

8.7CVSS5.9AI score0.00345EPSS
Exploits0References7
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-42557

GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...

4.6CVSS5.9AI score0.00115EPSS
Exploits0References3
CVE
CVE
added 6 days ago11 views

CVE-2026-56289

CVE-2026-56289 affects GNU patch. The vulnerability is a DoS caused by improper validation of hunk line offsets in unified-diff input, where a crafted patch can specify an extremely large line number, causing an effectively infinite processing loop and high CPU usage, rendering the process unresp...

5.5CVSS5.9AI score0.00115EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago11 views

PT-2026-56776

Name of the Vulnerable Software and Affected Versions GNU patch affected versions not specified Description Improper validation of hunk line offsets in unified-diff input allows a denial of service DoS. A hunk is a single block of changes within a diff file. By supplying a specially crafted patch...

5.5CVSS6AI score0.00115EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 6 days ago11 views

Linux Distros Unpatched Vulnerability : CVE-2026-59936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated...

8.7CVSS6.1AI score0.00345EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 6 days ago5 views

Erlang/OTP 17.0 < 27.3.4.14 / 28.0 < 28.5.0.3 / 29.0 < 29.0.3 Multiple Vulnerabilities

The version of Erlang/OTP installed on the remote host is 17.0 prior to 27.3.4.14, 28.0 prior to 28.5.0.3, or 29.0 prior to 29.0.3. It is, therefore, affected by multiple vulnerabilities: - Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFT...

6.3CVSS6.2AI score0.0033EPSS
Exploits0References6
Rows per page
Query Builder