Lucene search
K

1146 matches found

NVD
NVD
added 2026/03/10 6:18 p.m.13 views

CVE-2026-30939

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.13 and 9.5.1-alpha.2, an unauthenticated attacker can crash the Parse Server process by calling a Cloud Function endpoint with a prototype property name as the function name. The...

8.8CVSS0.0049EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.7 views

PT-2026-24188

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 8.6.13 Parse Server versions prior to 9.5.1-alpha.2 Description An unauthenticated attacker can cause a denial of service by crashing the Parse Server process. This occurs by calling a Cloud Function endpoint wit...

8.8CVSS5.7AI score0.0049EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/03/07 12:0 a.m.4 views

SUSE SLES16 Security Update : libxml2, libxslt (SUSE-SU-2026:20631-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20631-1 advisory. Changes in libxml2: - CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in...

6.2CVSS6.1AI score0.00755EPSS
Exploits3References24
RedHat Linux
RedHat Linux
added 2026/03/03 8:57 p.m.9 views

kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/03 9:54 a.m.4 views

kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References5
Veracode
Veracode
added 2026/02/26 6:2 a.m.6 views

Denial Of Service (DoS)

Nodemailer is vulnerable to a denial of service DoS. The vulnerability is due to improper handling of a crafted email address header that triggers infinite recursion in the address parser, which allows an attacker to exhaust resources and disrupt service availability...

7.5CVSS5.8AI score0.00409EPSS
Exploits1References7Affected Software1
RedHat Linux
RedHat Linux
added 2026/02/26 4:25 a.m.13 views

kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/25 3:20 p.m.3 views

kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/25 12:27 a.m.6 views

kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.6 views

openSUSE 15: libxml2-2 / libxml2-2-32bit / libxml2-devel / libxml2-devel-32bit / etc (SUSE-SU-2026:0570-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0570-1 advisory. - CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc125681...

6.2CVSS6.2AI score0.00755EPSS
Exploits3References22
OSV
OSV
added 2026/02/15 9:6 a.m.21 views

RLSA-2026:2212 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: openvswitch: fix nested key length validation in the set action CVE-2025-37789 kernel: Linux kernel: irqchip/gic-v2m use-after-free vulnerability CVE-2025-37819 kernel: RDMA/core: Fi...

7.4CVSS7.5AI score0.00519EPSS
Exploits3References17
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of recursive protection in the kernel stack trace records. This vulnerability could lead t...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/09 2:40 a.m.3 views

kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References5
OSV
OSV
added 2026/02/06 9:16 p.m.8 views

CVE-2026-25533 Enclave has a sandbox escape via infinite recursion and error objects

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar...

6.4CVSS5.7AI score0.0023EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/02/06 9:16 p.m.5 views

CVE-2026-25533 Enclave has a sandbox escape via infinite recursion and error objects

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar...

6.4CVSS5.8AI score0.0023EPSS
Exploits1References3
CVE
CVE
added 2026/02/06 9:16 p.m.17 views

CVE-2026-25533

Enclave (enclave-vm) prior to version 2.10.1 contains multiple sandbox weaknesses: AST sanitization can be bypassed with dynamic property accesses; error object hardening does not cover vm module peculiarities; and function constructor access can be circumvented via host object references. The is...

8.8CVSS5.6AI score0.0023EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/06 9:16 p.m.29 views

CVE-2026-25533 Enclave has a sandbox escape via infinite recursion and error objects

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar...

6.4CVSS0.0023EPSS
Exploits1References3
Snyk
Snyk
added 2026/02/05 5:49 p.m.1 views

Infinite loop

Overview @enclave-vm/core is a Sandbox runtime for secure JavaScript code execution Affected versions of this package are vulnerable to Infinite loop via infinite recursion in the vm module. An attacker can execute arbitrary code outside the intended sandbox by crafting recursive calls that explo...

9.4CVSS6.1AI score0.0023EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/05 5:49 p.m.3 views

Infinite loop

Overview enclave-vm is a Sandbox runtime for secure JavaScript code execution Affected versions of this package are vulnerable to Infinite loop via infinite recursion in the vm module. An attacker can execute arbitrary code outside the intended sandbox by crafting recursive calls that exploit hos...

9.4CVSS6.1AI score0.0023EPSS
Exploits1References2
OSV
OSV
added 2026/02/05 5:49 p.m.4 views

GHSA-X39W-8VM5-5M3P Sandbox escape via infinite recursion and error objects

Note: The npm package has moved to @enclave-vm/core formerly enclave-vm. All fixed versions and guidance refer to @enclave-vm/core. Summary The existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the err...

6.4CVSS6.2AI score0.0023EPSS
Exploits1References5
Rows per page
Query Builder