Avro 资源管理错误漏洞

Avro is a fast Go Avro decoder developed by hamba. Versions prior to 2.33.0 contained a resource management vulnerability. This vulnerability stemmed from the Avro array and mapping decoders’ tendency to loop through a counter controlled by the attacker without checking the error status of the...

LiquidJS has a renderLimit DoS guard bypass via empty `{% for %}` body

Summary The renderLimit option — documented in docs/source/tutorials/dos.md as the mechanism that "mitigates this by limiting the time consumed by each render call" — can be fully bypassed by a % for % or % tablerow % tag whose body is empty. The per-iteration time check is reached only when the...

CVE-2026-31784

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pxp: Clear restart flag in pxpstart after jumping back If we don't clear the flag we'll keep jumping back at the beginning of the function once we reach the end. cherry picked from commit...

[SECURITY] Fedora 43 Update: libcgif-0.5.3-1.fc43

A fast and lightweight GIF encoder that can create GIF animations and images. Summary of the main features: - user-defined global or local color-palette with up to 256 colors limit of the GIF format - size-optimizations for GIF animations: - option to set a pixel to transparent if it has identica...

CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

Fedora 42 : webkitgtk (2025-7536d2d941)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7536d2d941 advisory. Fix seeking and looping of media elements that set the loop property. Fix several crashes and rendering issues. Fix CVE-2025-13947, CVE-2025-43458,...

CVE-2025-20217

CVE-2025-20217 affects Cisco Secure Firewall Threat Defense Software Snort 3 Detection Engine. A vulnerability in the packet inspection processing allows an unauthenticated, remote attacker to trigger an infinite loop while inspecting traffic, causing a DoS condition. The system watchdog restarts...

GHSA-GRV7-FG5C-XMJG Uncontrolled resource consumption in braces

The NPM package braces fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In lib/parse.js, if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing...

CVE-2024-26780 af_unix: Fix task hung while purging oob_skb in GC.

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix task hung while purging oobskb in GC. syzbot reported a task hung; at the same time, GC was looping infinitely in listforeachentrysafe for OOB skb. 0 syzbot demonstrated that the listforeachentrysafe was not actually...

OESA-2024-1354 telnet security update

Telnet is an application protocol used on the Internet or local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. The package includes a remote login client program for telnet and a server daemon. Security Fixes: telnetd ...

CVE-2024-1931

NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...

Out-of-bounds

Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdprocessblock autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns...

High possibility of DOS

Lines of code Vulnerability details Impact In the claimAuction function there is a high possibility of DOS where the auction winner is unable to claim the NFT due to high gas cost or not enough gas, this is due to the functions having three loops on same array of all bids, they are in the...

SUSE CVE-2004-0789

Multiple implementations of the DNS protocol, including 1 Poslib 1.0.2-1 and earlier as used by Posadis, 2 Axis Network products before firmware 3.13, and 3 Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service CPU and network bandwidth...

A BETTER APPROACH TO REVERTING CODE LINES ON _ADDCOLLATERALTOVAULT() AND _REMOVECOLLATERAL()

Lines of code Vulnerability details Impact In PaperControl.sol, callers would have to deal with function pre-maturely reverting upon encountering an element in collateralArr failing to pass the if statement in the function logic of addCollateralToVault and removeCollateral. The amount of gas wast...

Miss tier 0 when looping through all tiers

Lines of code Vulnerability details Impact Miss tier 0 when looping through all tiers, which will result in wrong data as not all tiers data are counted. Proof of Concept Tools Used Recommended Mitigation Steps Include the tier 0 when looping through all tiers and modify the codes to as follows:...

Function may fail when called due to the imprecise length of arrays to be looped (initialize function)

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Even though the array is calldata, there are...

Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU

It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 previously known as avro-rs. Users should update to apache-avro version 0.14.0 which addresses this issue...

Attacker can frontrun and reenter this function causing users to get griefed

Lines of code Vulnerability details Impact 1. attacker calls createFor and there is reentracy in safemint and an attacker can reenter and just keep increasing count just a side note 2. but what an attacker can do is when a user wants to call this function or launch a project an attacker frontruns...

GSD-2022-1004089 dm stats: add cond_resched when looping over entries

dm stats: add condresched when looping over entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.317 by commit...