88 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-2397
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This...
Linux Distros Unpatched Vulnerability : CVE-2023-30300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop. CVE-2023-30300 Note that Nessus relies on the presence of the package as reporte...
Linux Distros Unpatched Vulnerability : CVE-2022-48635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in dax_iomap_rw I got an infinite loop and a WARNING report when...
Linux Distros Unpatched Vulnerability : CVE-2020-26575
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c ...
CVE-2025-27104 double eval in For List Iter in Vyper
vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single expression is possible in the iterator target of a for loop. While the iterator expression cannot produce multiple writes, it can consume side effects produced in the loop body e.g. read a storage variable...
EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2025-1193)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored,...
USN-7096-2 openjdk-8 regressions
USN-7096-1 fixed vulnerabilities in OpenJDK 8. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under...
ROS-20250121-07
A vulnerability in the ECMP dissector of the Wireshark network traffic analyzer is related to insufficient validation of user input. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in FiveCo RAP dissector of Wireshark computer network...
Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : libsoup3 vulnerabilities (USN-7127-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7127-1 advisory. It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue...
org.apache.commons:commons-compress Dependency in Bamboo Data Center and Server
This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0 of Bamboo Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector o...
CBL Mariner 2.0 Security Update: libsoup (CVE-2024-52532)
The version of libsoup installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52532 advisory. - GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption, during the reading of certain...
PYSEC-2024-246
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a range of the form range(start, start + N), if start is negative, the execution will always revert. This issue is caused by an incorrect assertion...
CVE-2024-26848
In the Linux kernel, the following vulnerability has been resolved: afs: Fix endless loop in directory parsing If a directory has a block with only ".afsXXXX" files in it (from uncompleted silly-rename), these .afsXXXX files are skipped but without advancing the file position in the dir_context. Thi...
ROS-20240411-09
A vulnerability in the bson_utf8_validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20240411-10
A vulnerability in the bson_utf8_validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
Updated java 1.8.0, 11 & latest packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Array out-of-bounds access due to missing range check in C1 compiler. CVE-2024-20918 RSA padding issue and timing side-channel attack against TLS. CVE-2024-20952 Arbitrary Java code execution in Nashorn. CVE-2024-20926 JVM class file verifier fla...
PT-2023-28390 · Withsecure · Withsecure Elements Endpoint Protection +5
Name of the Vulnerable Software and Affected Versions: WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure...
CVE-2023-36464 Infinite Loop when a comment isn't followed by a character in pypdf
pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request 969 and resolv...
Important: byacc
Issue Overview: When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free). CVE-2021-33641 When a file is processed, an infinite loop occurs in next_inline of the more_curly function. CVE-2021-33642...
CVE-2023-21087
In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-12...