Lucene search
K

1146 matches found

RedHat Linux
RedHat Linux
added 2026/06/02 7:43 a.m.15 views

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.2CVSS5.8AI score0.00144EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 7:16 p.m.10 views

CVE-2026-40989

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

6.5CVSS0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 5:49 p.m.14 views

EUVD-2026-33733

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 5:49 p.m.11 views

CVE-2026-40989

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/01 5:49 p.m.29 views

CVE-2026-40989 Self Routing guard bypassed via function composition

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

5.7CVSS0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 5:49 p.m.9 views

CVE-2026-40989 Self Routing guard bypassed via function composition

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 5:49 p.m.27 views

CVE-2026-40989

CVE-2026-40989 affects Spring Cloud Function lineages (3.2.x, 4.1.x, 4.2.x, 4.3.x, 5.0.x) with older/unsupported versions also impacted. The issue is an infinite recursion in the routing layer that can cause an Out-Of-Memory (OOM) condition during request handling. The root cause is not fully dis...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.8 views

VMware Spring Cloud Function 安全漏洞

VMware Spring Cloud Function is a Java functional application development framework provided by the American company VMware. There is a security vulnerability in VMware Spring Cloud Function, which stems from infinite recursion at the routing layer, potentially leading to a memory insufficiency...

6.5CVSS5.3AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45514

Name of the Vulnerable Software and Affected Versions Spring Cloud Function versions prior to 3.2.16 Spring Cloud Function versions prior to 4.1.10 Spring Cloud Function versions prior to 4.2.6 Spring Cloud Function versions prior to 4.3.3 Spring Cloud Function versions prior to 5.0.2 Spring Clou...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/30 2:12 a.m.16 views

CVE-2026-45102

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

9.9CVSS5.8AI score0.00266EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 8:16 p.m.13 views

CVE-2026-45102

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

9.9CVSS0.00266EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 6:50 p.m.8 views

CVE-2026-45102

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

9.9CVSS5.8AI score0.00266EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/27 6:50 p.m.21 views

CVE-2026-45102

CVE-2026-45102 concerns OneUptime, an open-source monitoring platform. Prior to version 10.0.98, OneUptime used Node.js vm module as an isolation primitive, which is not intended for security boundaries and can be escaped via error objects and infinite recursion, potentially enabling remote code ...

9.9CVSS5.8AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

OneUptime 安全漏洞

OneUptime is a comprehensive solution developed by OneUptime OpenSource. It is used to monitor and manage your online services. Versions of OneUptime prior to 10.0.98 contained security vulnerabilities. These vulnerabilities stemmed from the use of the Node.js vm module as an isolation primitive,...

9.9CVSS5.8AI score0.00266EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libxml2

The parser.c file in libxml2 before version 2.9.5 does not prevent infinite recursion in parameter entities...

7.5CVSS6.8AI score0.05928EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in SQLite3

In SQLite, from version 3.30.1 onwards, alter.c allows attackers to trigger infinite recursion through certain types of self-referential views in conjunction with ALTER TABLE statements...

5.5CVSS7AI score0.00566EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в u-boot

A carefully crafted self-referential DOS partition table will cause all Das U-Boot versions up to 2019.07-rc4 to infinitely recur, causing the stack to grow indefinitely. This could lead to a system crash or the overwriting of other data...

7.1CVSS6.7AI score0.00404EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a potential security issue involving infinite recursion in the MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 addresses this issue...

5.5CVSS5.2AI score0.00161EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Qemu

A stack overflow due to an infinite recursion vulnerability was detected in the eepro100 i8255x device emulator of QEMU. This issue occurs during the processing of controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or cause the QEMU...

5.5CVSS5.7AI score0.00411EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 7:25 p.m.6 views

CLSA-2026-1779218750 gcc: Fix of 2 CVEs

CVE-2021-3826: fix buffer overflow in dlanglname function to prevent denial of service - CVE-2021-46195: fix infinite recursion in rust demangler to prevent denial of service...

6.5CVSS6.2AI score0.01089EPSS
Exploits1References1
Rows per page
Query Builder