Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21 matches found

CNNVD
CNNVDadded 2026/06/03 12:0 a.m.4 views

FreeIPMI 安全漏洞

FreeIPMI is an open-source server remote management toolset provided by FreeIPMI, which offers features for managing and monitoring IPMI interfaces. Versions of FreeIPMI prior to 1.6.18 contained security vulnerabilities. These vulnerabilities stemmed from buffer overflows in the response message...

7.5CVSS5.6AI score0.00405EPSS
Exploits0References3
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in pillow

A issue was discovered in Pillow prior to version 10.0.0. It is a denial-of-service attack where memory is uncontrollably allocated to processing a given task, potentially causing a service to crash due to running out of memory. This occurs for truetype in ImageFont when textlength in an ImageDra...

7.5CVSS6.6AI score0.01038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : python-pillow-5.1.1-20.el8 (AXSA:2024-8290:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8290:04 advisory. python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument CVE-2023-44271 Tenable has extract...

7.5CVSS5.5AI score0.01038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : python-pillow-2.0.0-24.gitd1c6db8.el7 (AXSA:2024-7452:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7452:01 advisory. python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument CVE-2023-44271 Tenable has extract...

7.5CVSS7.7AI score0.01038EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/02/07 6:7 p.m.10 views

CVE-2025-25062

An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. It doesn't sufficiently isolate long text content when the CKEditor 5 rich text editor is used. This allows a potential attacker to craft specialized HTML and JavaScript that may be executed when an...

4.4CVSS5.7AI score0.0164EPSS
Exploits3References1
CVE
CVEadded 2025/02/03 12:0 a.m.74 views

CVE-2025-25062

CVE-2025-25062 is an XSS vulnerability in Backdrop CMS (CKEditor 5 module) affecting 1.28.x prior to 1.28.5 and 1.29.x prior to 1.29.3. The issue arises from insufficient isolation of long text content, enabling crafted HTML/JS to execute when an administrator edits content. Exploitation prospect...

4.4CVSS5.8AI score0.0164EPSS
Exploits3References3Affected Software1
Cvelist
Cvelistadded 2025/02/03 12:0 a.m.17 views

CVE-2025-25062

An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. It doesn't sufficiently isolate long text content when the CKEditor 5 rich text editor is used. This allows a potential attacker to craft specialized HTML and JavaScript that may be executed when an...

4.4CVSS0.0164EPSS
Exploits3References3
RedHat Linux
RedHat Linuxadded 2024/05/22 10:16 a.m.3 views

python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument

A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...

7.5CVSS7.1AI score0.01038EPSS
Exploits0References6
Amazon
Amazonadded 2024/04/01 12:0 a.m.2 views

Medium: python-pillow

Issue Overview: An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw...

7.5CVSS7.5AI score0.01038EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2024/02/29 7:47 p.m.2 views

python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument

A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...

7.5CVSS7.1AI score0.01038EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2024/01/23 4:29 p.m.10 views

python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument

A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...

7.5CVSS7.1AI score0.01038EPSS
Exploits0References6
Amazon
Amazonadded 2023/12/14 12:0 a.m.4 views

Medium: python-pillow

Issue Overview: An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw...

7.5CVSS6.8AI score0.01038EPSS
Exploits0
SUSE CVE
SUSE CVEadded 2023/11/07 1:48 a.m.1 views

SUSE CVE-2023-44271

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...

7.5CVSS7.6AI score0.01038EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2023/11/03 5:15 a.m.3 views

CVE-2023-44271

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...

7.5CVSS7.3AI score0.01038EPSS
Exploits0References7
Cvelist
Cvelistadded 2023/11/03 12:0 a.m.27 views

CVE-2023-44271

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...

7.7AI score0.01038EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2023/11/03 12:0 a.m.33 views

CVE-2023-44271

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...

7.5CVSS6.8AI score0.01038EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2023/06/30 12:0 a.m.2 views

PT-2023-9330

Name of the Vulnerable Software and Affected Versions Pillow versions prior to 10.0.0 Description The issue is related to a Denial of Service in Pillow, where the truetype function in ImageFont uncontrollably allocates memory when processing a long text argument in an ImageDraw instance. This can...

8.7CVSS6.7AI score0.01038EPSS
Exploits0References69
SUSE CVE
SUSE CVEadded 2023/02/15 5:55 a.m.4 views

SUSE CVE-2011-0058

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a long string that triggers construction of a long text run...

10CVSS8AI score0.05497EPSS
Exploits0References5
Prion
Prionadded 2011/01/13 7:0 p.m.18 views

Buffer overflow

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long text1 parameter...

10CVSS8.3AI score0.15629EPSS
Exploits4References6Affected Software1
RedHat Linux
RedHat Linuxadded 2007/02/24 2:41 a.m.3 views

security flaw

Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line...

9.3CVSS6.5AI score0.04691EPSS
Exploits0References4
Rows per page
Query Builder