crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A upper-bound check has been added to user inputs in the signal ioctl function. Extremely large input values in amdgpuuserqsignalioctl can lead to a Out-of-Memory error OOM. This vulnerability could be exploited...

CVE-2026-6284

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

CVE-2026-6284

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

DEBIAN-CVE-2025-62706

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib’s JWE zip=DEF path performs unbounded DEFLATE decompression. A very small ciphertext can expand into tens or hundreds of megabytes on decrypt, allowing an attacker who can supply decryptable...

CVE-2025-61920

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes...

PT-2025-41596

Name of the Vulnerable Software and Affected Versions Authlib versions prior to 1.6.5 Description Authlib, a Python library for building OAuth and OpenID Connect servers, has an issue in its JOSE implementation. It accepts JWS/JWT header and signature segments without size limits. An attacker can...

Incorrect setting of EthIBCDenom invalidates risk management limits

Lines of code Vulnerability details Impact In the documentation, it is stated that: For risk management purposes, a swap will fail if the input coin amount exceeds a pre-defined limit 10 USDC, 10 USDT, 0.01 ETH or if the swap amount limit is not defined. However, in the code it defined as:...

SUSE CVE-2020-36475

An issue was discovered in Mbed TLS before 2.25.0 and before 2.16.9 LTS and before 2.7.18 LTS. The calculations performed by mbedtlsmpiexpmod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs...

jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...