Lucene search
K

206 matches found

AlpineLinux
AlpineLinux
added yesterday5 views

CVE-2026-59884

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuation octets without an upper bound on the tag ID size, allowing a crafted input to force construction of an arbitrarily large integer with C...

7.5CVSS6.1AI score
Exploits0
OSV
OSV
added 2026/07/06 9:3 a.m.3 views

CVE-2026-58226 Unauthenticated denial-of-service via unbounded HPACK integer decoding in hpax

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS6.1AI score0.00438EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/07/06 9:3 a.m.6 views

CVE-2026-58226

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS6.1AI score0.00438EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/07/06 9:3 a.m.32 views

CVE-2026-58226 Unauthenticated denial-of-service via unbounded HPACK integer decoding in hpax

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS0.00438EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 9:3 a.m.4 views

EEF-CVE-2026-58226 Unauthenticated denial-of-service via unbounded HPACK integer decoding in hpax

Summary Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS6.1AI score0.00438EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.14 views

FreeBSD : Erlang/OTP -- stack overflow in ei_s_print_term for very large integer terms (d87de755-64d4-11f1-ab11-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87de755-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-xcxj-5pg2-v72j reports: Fixed a stack overflow i...

6.9CVSS5.4AI score0.00136EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 4:17 p.m.12 views

CVE-2026-49760

Stack-based Buffer Overflow vulnerability in Erlang OTP erlinterface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erlinterface/src/misc/eiprintterm.c and program routine eisprintterm. The C function eisprintterm uses an internal 2000-character stack...

6.9CVSS0.00136EPSS
Exploits0References5
CVE
CVE
added 2026/06/10 2:35 p.m.28 views

CVE-2026-49760

CVE-2026-49760 is a stack-based buffer overflow in Erlang OTP’s erl_interface ei_s_print_term due to a 2000-character local buffer when formatting very large integers. An encoded term exceeding this size can overflow the buffer, with overflow bytes limited to ASCII 0-9 and A-F, restricting practi...

6.9CVSS5.7AI score0.00136EPSS
Exploits0References5Affected Software2
Vulnrichment
Vulnrichment
added 2026/06/10 2:35 p.m.10 views

CVE-2026-49760 Stack Buffer Overflow in ei_s_print_term at Very Large Integer

Stack-based Buffer Overflow vulnerability in Erlang OTP erlinterface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erlinterface/src/misc/eiprintterm.c and program routine eisprintterm. The C function eisprintterm uses an internal 2000-character stack...

6.9CVSS5.7AI score0.00136EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/10 2:35 p.m.13 views

EUVD-2026-36052

Stack-based Buffer Overflow vulnerability in Erlang OTP erlinterface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erlinterface/src/misc/eiprintterm.c and program routine eisprintterm. The C function eisprintterm uses an internal 2000-character stack...

6.9CVSS5.7AI score0.00136EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/10 2:35 p.m.33 views

CVE-2026-49760 Stack Buffer Overflow in ei_s_print_term at Very Large Integer

Stack-based Buffer Overflow vulnerability in Erlang OTP erlinterface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erlinterface/src/misc/eiprintterm.c and program routine eisprintterm. The C function eisprintterm uses an internal 2000-character stack...

6.9CVSS0.00136EPSS
Exploits0References5
OSV
OSV
added 2026/06/10 2:35 p.m.10 views

EEF-CVE-2026-49760 Stack Buffer Overflow in ei_s_print_term at Very Large Integer

Summary Stack-based Buffer Overflow vulnerability in Erlang OTP erl\interface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erl\interface/src/misc/ei\printterm.c and program routine ei\s\print\term. The C function ei\s\print\term uses an internal...

6.9CVSS5.7AI score0.00136EPSS
Exploits0References4
OSV
OSV
added 2026/06/10 2:35 p.m.1 views

CVE-2026-49760 Stack Buffer Overflow in ei_s_print_term at Very Large Integer

Stack-based Buffer Overflow vulnerability in Erlang OTP erlinterface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erlinterface/src/misc/eiprintterm.c and program routine eisprintterm. The C function eisprintterm uses an internal 2000-character stack...

6.9CVSS6.1AI score0.00136EPSS
Exploits0References9
FreeBSD
FreeBSD
added 2026/06/10 12:0 a.m.11 views

Erlang/OTP -- stack overflow in ei_s_print_term for very large integer terms

https://github.com/erlang/otp/security/advisories/GHSA-xcxj-5pg2-v72j reports: Fixed a stack overflow in eisprintterm in erlinterface for very large integer terms more than 2000 hexadecimal digits long...

6.9CVSS5.5AI score0.00136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.21 views

PT-2026-48469

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 27.3.4.12 Erlang OTP versions 28.x prior to 28.5.0.2 Erlang OTP versions 29.x prior to 29.0.2 erl interface versions 3.7.16 through 5.5.2.0 erl interface versions 5.7.x prior to 5.7.0.1 erl interface versions...

6.9CVSS6.3AI score0.00136EPSS
Exploits0References11
CVE
CVE
added 2026/06/09 2:4 p.m.49 views

CVE-2026-49762

The CVE affects Elixir’s standard library Version module (Version.parse/1, parse!/1, parse_requirement/1, match?/3, compare/2). A numeric component in version strings is converted to integers without bounds, enabling an attacker to cause CPU and memory exhaustion (DoS) by supplying a large all-di...

5.1CVSS5.5AI score0.00152EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 2:4 p.m.10 views

EEF-CVE-2026-49762 Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service

Summary Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory exhaustion. The version parser converts numeric version components major, minor, patch and...

5.1CVSS5.5AI score0.00152EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.10 views

Elixir -- Denial of service via unbounded integer parsing in Version

PJUllrich reports: The Version module parses numeric version components without length limits. Untrusted input can trigger creation of arbitrary-precision integers, causing CPU and memory exhaustion...

5.1CVSS5.4AI score0.00152EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.11 views

Elixir -- Denial of service via unbounded integer parsing in Version

PJUllrich reports: The Version module parses numeric version components without length limits. Untrusted input can trigger creation of arbitrary-precision integers, causing CPU and memory exhaustion...

5.1CVSS5.4AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.9 views

CVE-2026-45615

mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c specifically INTEGERoer.c. When parsing a maliciously crafted, zero-length OER payload for a variable-length, non-negative INTEGER type, th...

8.2CVSS5.6AI score0.00197EPSS
Exploits0References1
Rows per page
Query Builder