parse-server has GraphQL complexity validator exponential fragment traversal DoS

Impact The GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads. A single unauthenticated request can block the Node.js event loop for seconds, denying service to all concurrent users. This only affects...

GHSA-MFJ6-6P54-M98C parse-server has GraphQL complexity validator exponential fragment traversal DoS

Impact The GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads. A single unauthenticated request can block the Node.js event loop for seconds, denying service to all concurrent users. This only affects...

CLEANSTART-2026-NV34418 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate

Multiple security vulnerabilities affect the argo-cd-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details...

Decryption Thorough Polynomial Ambiguity: Noise-Enhanced High-Memory Convolutional Codes for Post-Quantum Cryptography

We present a novel approach to post-quantum cryptography that employs directed-graph decryption of noise-enhanced high-memory convolutional codes. The proposed construction generates random-like generator matrices that effectively conceal algebraic structure and resist known structural attacks...

[SECURITY] Fedora 41 Update: rust-regex-1.12.2-1.fc41

An implementation of regular expressions for Rust. This implementation uses finite automata and guarantees linear time matching on all inputs...

[SECURITY] Fedora 42 Update: rust-regex-1.12.2-1.fc42

An implementation of regular expressions for Rust. This implementation uses finite automata and guarantees linear time matching on all inputs...

[SECURITY] Fedora 43 Update: rust-regex-1.12.2-1.fc43

An implementation of regular expressions for Rust. This implementation uses finite automata and guarantees linear time matching on all inputs...

CVE-2025-58187

Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains. Mitigation Mitigation for this issue is either not available or the...

AZL-78913 CVE-2025-58187 affecting package golang 1.25.7-1

Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...

EUVD-2015-1426

Malware in sbrugna...

An Efficient Construction of Raz's Two-Source Randomness Extractor with Improved Parameters

Randomness extractors are algorithms that distill weak random sources into near-perfect random numbers. Two-source extractors enable this distillation process by combining two independent weak random sources. Raz's extractor STOC '05 was the first to achieve this in a setting where one source has...

Nearly-Linear Time Private Hypothesis Selection with the Optimal Approximation Factor

Estimating the density of a distribution from its samples is a fundamental problem in statistics. Hypothesis selection addresses the setting where, in addition to a sample set, we are given $n$ candidate distributions -- referred to as hypotheses -- and the goal is to determine which one best...

Fedora: Security Advisory for treelayout (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: treelayout-1.0.3-23.fc40

Efficiently create compact, highly customizable tree layouts. The software builds tree layouts in linear time; i.e., even trees with many nodes are built quickly...

[SECURITY] Fedora 36 Update: rust-regex-1.5.5-1.fc36

Implementation of regular expressions for Rust. This implementation uses fini te automata and guarantees linear time matching on all inputs...

[SECURITY] Fedora 35 Update: rust-regex-1.5.5-1.fc35

Implementation of regular expressions for Rust. This implementation uses fini te automata and guarantees linear time matching on all inputs...

[SECURITY] Fedora 34 Update: rust-regex-1.5.5-1.fc34

Implementation of regular expressions for Rust. This implementation uses fini te automata and guarantees linear time matching on all inputs...

CVE-2021-40110 Apache James IMAP vulnerable to a ReDoS

In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This affected Apache James prior to 3.6.1 We recommend upgrading to Apache James 3.6.1 or higher , which enforce the use of...

GHSA-Q8PJ-2VQX-8GGC Denial of service in css-what

The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input...

CVE-2021-33587

A flaw was found in nodejs-css-what. The css-what package for Node.js does not ensure that attribute parsing has a Linear Time Complexity relative to the size of the input. The highest threat from this vulnerability is to system availability...