Lucene search
K

11336 matches found

OSV
OSV
added yesterday3 views

BIT-PILLOW-2026-59203 Pillow EpsImagePlugin negative %%BeginBinary byte count causes infinite loop denial of service

Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open to seek backwards to the same directive and parse it repeatedly in an infinite...

7.5CVSS6.1AI score0.0039EPSS
Exploits1References5
NVD
NVD
added 2 days ago3 views

CVE-2026-54119

Loop with unreachable exit condition 'infinite loop' in Windows Active Directory allows an unauthorized attacker to deny service over a network...

7.5CVSS0.00834EPSS
Exploits0References1
CVE
CVE
added 2 days ago6 views

CVE-2026-50653

CVE-2026-50653 describes an infinite loop with an unreachable exit condition in Azure Active Directory that can allow a network-based denial of service. The provided documents confirm the issue and its impact as a denial of service via network, but do not include specific exploitation details, af...

7.5CVSS6.1AI score0.00797EPSS
Exploits0References1
CVE
CVE
added 2 days ago8 views

CVE-2026-54119

CVE-2026-54119 describes a loop with an unreachable exit condition in Windows Active Directory that can be exploited to cause a network-based denial of service by an unauthorized attacker. The affected component is Windows Active Directory; the vulnerability stems from an infinite loop, leading t...

7.5CVSS6.1AI score0.00834EPSS
Exploits0References1
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-59203

Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open to seek backwards to the same directive and parse it repeatedly in an infinite...

7.5CVSS6.1AI score0.0039EPSS
Exploits1References1
CVE
CVE
added 2 days ago7 views

CVE-2026-62642

The data identifies Roundcube Webmail as affected. Vulnerable component: the TNEF decoder, with an infinite loop leading to denial of service when opening emails containing TNEF attachments. Affected versions are Roundcube Webmail before 1.6.17 and before 1.7.2 (1.7.x). Remediation: upgrade to Ro...

4.3CVSS6.1AI score0.0026EPSS
Exploits0References7
Cvelist
Cvelist
added 2 days ago24 views

CVE-2026-59203 Pillow EpsImagePlugin negative %%BeginBinary byte count causes infinite loop denial of service

Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open to seek backwards to the same directive and parse it repeatedly in an infinite...

5.3CVSS0.0039EPSS
Exploits1References4
OSV
OSV
added 2 days ago3 views

CVE-2026-59203 Pillow EpsImagePlugin negative %%BeginBinary byte count causes infinite loop denial of service

Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open to seek backwards to the same directive and parse it repeatedly in an infinite...

5.3CVSS6.1AI score0.0039EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago3 views

Security Bulletin: IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service (CVE-2026-7771)

Summary IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service. Vulnerability Details CVEID:CVE-2026-7771 DESCRIPTION: IBM Db2 is vulnerable to a trap when compiling a specially crafted statements containing subqueries...

6.1AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-58091

Name of the Vulnerable Software and Affected Versions Pillow versions 12.0.0 through 12.2.0 Description The EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count within the %%BeginBinary directive. A specially crafted EPS file can trigger the Image.open function to seek backwards to t...

7.5CVSS6.1AI score0.0039EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-58210

Name of the Vulnerable Software and Affected Versions Azure Active Directory versions prior to 8.19.2 Description An infinite loop occurs when an unreachable exit condition is triggered, allowing an unauthorized attacker to remotely cause a denial of service over a network. Recommendations Update...

7.5CVSS6.1AI score0.00797EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-59935

A flaw was found in pypdf, a pure-python PDF library. A remote attacker can craft a malicious PDF file containing an unterminated inline image within the page content stream. When this crafted PDF is parsed, it can lead to an infinite loop, resulting in a denial of service DoS due to resource...

8.7CVSS6.1AI score0.00352EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 6 days ago4 views

Loop with Unreachable Exit Condition in GNU patch

...

5.5CVSS6.1AI score0.00115EPSS
Exploits0
RedhatCVE
RedhatCVE
added last week6 views

CVE-2026-59874

A flaw was found in node-tar, a tar archive manipulation library for Node.js. A remote attacker could exploit this vulnerability by providing a specially crafted tar archive with a negative entry size in its header. This malformed header causes the archive scanner to enter an infinite loop,...

8.7CVSS5.8AI score0.00358EPSS
Exploits1References6
NVD
NVD
added last week5 views

CVE-2026-55865

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...

7.1CVSS0.00451EPSS
Exploits0References3
EUVD
EUVD
added last week11 views

EUVD-2026-38358

pypdf: Possible infinite loop when processing threads/articles in writer...

6.9CVSS5.9AI score0.00111EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-55865

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...

7.1CVSS6AI score0.00451EPSS
Exploits0References4Affected Software1
CVE
CVE
added last week15 views

CVE-2026-55865

CVE-2026-55865 concerns the Python Liquid template engine. Before version 2.2.1, a malformed {% case %} tag without a corresponding {% when %} or {% else %} and without a terminating {% endcase %} could cause an infinite loop during parsing, due to an incorrect EOF token handling in liquid.TokenS...

7.1CVSS6AI score0.00451EPSS
Exploits0References3
OSV
OSV
added last week3 views

CVE-2026-55865 Python Liquid: Infinite loop when parsing malformed `{% case %}` tags

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...

7.1CVSS6.1AI score0.00451EPSS
Exploits0References5
OSV
OSV
added last week2 views

DEBIAN-CVE-2026-56289

GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...

5.5CVSS6AI score0.00115EPSS
Exploits0References1
Rows per page
Query Builder