292 matches found

UbuntuCve
added 2022/06/08 6:15 p.m. | 40 views

CVE-2021-40592

GPAC before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains a loop with unreachable exit condition ('infinite loop') vulnerability in the ISOBMFF reader filter, isoffin_read.c. The function isoffin_process can result in DoS by infinite loop. To exploit, the victim must...

CVSS 5.5 | AI score 6.8 | EPSS 0.00816
Exploits: 1 | References: 3

Vulnrichment
added 2022/05/20 11:55 p.m. | 4 views

CVE-2022-29190 Header reconstruction method can be thrown into an infinite loop in Pion DTLS

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that send Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available...

CVSS 7.5 | AI score 7.5 | EPSS 0.01484
Exploits: 0 | References: 3

OSV
added 2022/05/15 10:6 a.m. | 7 views

MGASA-2022-0187 Updated clamav packages fix security vulnerability

Infinite loop vulnerability in the CHM file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. CVE-2022-20770 Infinite loop vulnerability in the TIFF file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior...

CVSS 8.6 | AI score 7.6 | EPSS 0.0663
Exploits: 0 | References: 5

OSV
added 2022/05/12 5:57 a.m. | 6 views

SUSE-SU-2022:1644-1 Security update for clamav

This update for clamav fixes the following issues:
- CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser (bsc#1199242).
- CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check (bsc#1199246).
- CVE-2022-20771: Fixed a possible...

CVSS 8.6 | AI score 7.6 | EPSS 0.0663
Exploits: 0 | References: 11

CNNVD
added 2022/04/18 12:0 a.m. | 5 views

PyPDF2 security vulnerability

PyPDF2 is a free, open source, pure Python PDF library. It can split, merge, crop and convert pages in PDF files. PyPDF2 has a security vulnerability that originated in versions prior to 1.27.5, which allows an attacker to create PDFs that will result in an infinite loop if PyPDF2 if the code trie...

CVSS 6.2 | AI score 6.2 | EPSS 0.01279
Exploits: 1 | References: 11

BDU FSTEC
added 2022/04/14 12:0 a.m. | 16 views

The vulnerability of the svx_read_header() function in the audio file reading and writing library libsndfile allows an attacker to cause a denial of service.

The vulnerability of the svx_read_header() function in the audio file reading and writing library libsndfile is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

CVSS 7.8 | AI score 5.8
Exploits: 0 | References: 5 | Affected Software: 3

RedHat Linux
added 2022/03/28 11:42 a.m. | 53 views

Important: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impa...

CVSS 7.5 | AI score 7 | EPSS 0.70561
Exploits: 2 | References: 2

RedHat Linux
added 2022/03/28 11:7 a.m. | 309 views

Important: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.5 | AI score 7 | EPSS 0.70561
Exploits: 2 | References: 2

RedHat Linux
added 2022/03/28 10:0 a.m. | 101 views

Important: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...

CVSS 7.5 | AI score 7 | EPSS 0.70561
Exploits: 2 | References: 2

Tenable Nessus
added 2022/03/16 12:0 a.m. | 63 views

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2022:0851-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0851-1 advisory. - The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli...

CVSS 7.5 | AI score 6.8 | EPSS 0.70561
Exploits: 2 | References: 5

OSV
added 2022/03/15 6:29 p.m. | 10 views

SUSE-SU-2022:14915-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877)...

CVSS 7.5 | AI score 7.9 | EPSS 0.70561
Exploits: 2 | References: 3

OSV
added 2022/03/15 6:27 p.m. | 3 views

SUSE-SU-2022:0853-1 Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues: - CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877)...

CVSS 7.5 | AI score 7.9 | EPSS 0.70561
Exploits: 2 | References: 3

CVE
added 2021/12/21 8:28 p.m. | 61 views

CVE-2021-44924

GPAC 1.1.0 contains an infinite loop vulnerability in gf_log that can cause Denial of Service (CVE-2021-44924). Affected component is the gf_log function within GPAC; impact is DoS, with LOCAL/remote possibilities depending on execution context as described in sources. Connected documents confirm...

CVSS 5.5 | AI score 5.4 | EPSS 0.00607
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2021/12/21 12:0 a.m. | 63 views

CVE-2021-45297

GPAC 1.0.1 contains an infinite loop in gf_get_bit_size (CVE-2021-45297). This GPAC multimedia framework issue can cause a denial-of-service condition (partial availability impact per CVSS info). Debian and Gentoo advisories note fixes up to 1.0.1+dfsg1-4+deb11u2; upgrade GPAC to the patched vers...

CVSS 5.5 | AI score 5.6 | EPSS 0.00622
Exploits: 1 | References: 2 | Affected Software: 1

OPENSUSE Linux
added 2021/11/15 12:0 a.m. | 32 views

Security update for tinyxml (low)

openSUSE Security Update: Security update for tinyxml Announcement ID: openSUSE-SU-2021:1474-1 Rating: low References: 1191576 Cross-References: CVE-2021-42260 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for tinyxml fixes...

CVSS 7.5 | AI score 7.4 | EPSS 0.03055
Exploits: 1 | References: 1

Rockylinux
added 2021/11/09 8:59 a.m. | 29 views

zziplib security update

An update is available for zziplib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The zziplib is a lightweight library to easily extract data from zip files...

CVSS 3.3 | AI score 4.6 | EPSS 0.00745
Exploits: 1

OSV
added 2021/11/09 8:59 a.m. | 21 views

RLSA-2021:4316 Low: zziplib security update

The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: infinite loop via the return value of zzip_file_read as used in unzzip_cat_file (CVE-2020-18442). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

CVSS 3.3 | AI score 4.1 | EPSS 0.00745
Exploits: 1 | References: 2

BDU FSTEC
added 2021/11/02 12:0 a.m. | 3 views

The vulnerability of the software for ensuring high availability and load balancing for TCP and HTTP applications managed by Haproxy arises from the execution of a loop with an unreachable exit condition. This allows an attacker to cause a service failure.

The vulnerability of the software used for ensuring high availability and load balancing for TCP and HTTP applications managed by Haproxy is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 7.5 | AI score 7.4 | EPSS 0.7024
Exploits: 1 | References: 5 | Affected Software: 2

OSV
added 2021/11/01 9:15 a.m. | 21 views

CVE-2021-41973

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater...

CVSS 6.5 | AI score 6.9
Exploits: 0 | References: 4

RedHat Linux
added 2021/10/25 12:24 p.m. | 4 views

OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacke...

CVSS 5.3 | AI score 6.8 | EPSS 0.06886
Exploits: 0 | References: 4