EUVD-2025-36736

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI CCM versions prior to 3.1.0 and Nagios XI version 5.8.0, which...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to 5.2.4, which stems from insufficient validation ...

AZL-78919 CVE-2025-61723 affecting package golang 1.25.7-1

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

CVE-2025-61723

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

CVE-2025-61723

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

UBUNTU-CVE-2025-61723

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

CVE-2025-61723

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

CVE-2025-61723

CVE-2025-61723 describes a PEM parsing performance issue where processing time for some invalid inputs scales non-linearly with input size. The connected advisory for F5 products confirms this PEM parsing quadratic complexity and notes impact on disk encryption and telemetry exporter configuratio...

CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

GO-2025-4009 Quadratic complexity when parsing some invalid inputs in encoding/pem

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

Allocation of Resources Without Limits or Throttling

Overview std/encoding/pem is a Go standard library package std/encoding/pem Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: The processing time for parsing some invalid inputs scales non-linearly with respect to th...

VulnCheck KEV: CVE-2025-12450

The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 7.5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

Google Go encoding 安全漏洞

Google Go encoding is a code library from Google, Inc. that provides multiple forms of encoding for data based on the Go language. A security vulnerability exists in Google Go encoding that stems from a non-linear correlation between processing time and input size when parsing certain invalid...

Division by zero

Overview Affected versions of this package are vulnerable to Division by zero via the CLAHEImage function in MagickCore/enhance.c. An attacker can cause the process to crash or exhaust system resources by supplying crafted parameters or very small images that result in zero tile dimensions, leadi...

Code-Projects Simple Food Ordering System 代码注入漏洞

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters pname, category, and price in the file /editproduct.php,...

WordPress plugin Product Filter by WBW SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A SQL injection...

Devolutions Server 安全漏洞

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. Devolutions Server suffers from an improper input validation vulnerability that stems from...

HR Performance Solutions Performance Pro 安全漏洞

HR Performance Solutions Performance Pro is an employee performance management platform from HR Performance USA. A security vulnerability exists in HR Performance Solutions Performance Pro version 3.19.17, which stems from Employee Notes and title and description parameters not properly validatin...