Lucene search
K

416 matches found

Cvelist
Cvelist
added 2025/08/06 12:37 p.m.10 views

CVE-2025-23320

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to be exceeded by sending a very large request. A successful exploit of this vulnerability might lead to information disclosure...

7.5CVSS0.00908EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/08/05 12:0 a.m.10 views

The vulnerability of the console-based graphic editor ImageMagick, related to reading beyond the buffer limit of memory, allows a hacker to gain unauthorized access to information.

The vulnerability of the console-based graphic editor ImageMagick is related to reading data beyond the buffer limit of memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to information...

3.7CVSS5.7AI score0.00466EPSS
Exploits0References15Affected Software22
OSV
OSV
added 2025/06/27 1:16 p.m.5 views

OESA-2025-1687 skopeo security update

A command line utility that performs various operations on container images and image repositories Security Fixes: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used lar...

4.3CVSS7AI score0.01956EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/06/07 12:0 a.m.6 views

Shuffling Cards When You Are of Very Little Brain: Low Memory Generation of Permutations

How can we generate a permutation of the numbers $1$ through $n$ so that it is hard to guess the next element given the history so far? The twist is that the generator of the permutation the "Dealer" has limited memory, while the "Guesser" has unlimited memory. With unbounded memory actually $n$...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:41 a.m.8 views

CVE-2024-1093

The Change Memory Limit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the adminlogic function hooked via admininit in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to update the memory...

5.3CVSS6.7AI score0.00427EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.5 views

CVE-2022-3759

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child...

7.5CVSS6.5AI score0.01216EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:55 p.m.4 views

CVE-2021-28706

guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may...

8.6CVSS7.2AI score0.0206EPSS
Exploits0References1
Amazon
Amazon
added 2025/04/29 12:0 a.m.8 views

Medium: docker

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Amazon
Amazon
added 2025/04/29 12:0 a.m.6 views

Medium: runc

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Amazon
Amazon
added 2025/04/29 12:0 a.m.7 views

Medium: containerd

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Amazon
Amazon
added 2025/04/29 12:0 a.m.8 views

Medium: containerd

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Amazon
Amazon
added 2025/04/29 12:0 a.m.5 views

Medium: runc

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/04/09 1:8 p.m.14 views

xgrammar Vulnerable to Denial of Service (DoS) by abusing unbounded cache in memory

Summary Xgrammar includes a cache for compiled grammars to increase performance with repeated use of the same grammar. This cache is held in memory. Since the cache is unbounded, a system making use of xgrammar can be abused to fill up a host's memory and case a denial of service. For example,...

6.5CVSS7AI score0.00466EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/03/17 2:15 p.m.3 views

DEBIAN-CVE-2025-29786

Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...

7.5CVSS7.2AI score0.00577EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/03/17 1:15 p.m.12 views

CVE-2025-29786

Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...

7.5CVSS7.2AI score0.00577EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-5688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors...

8.1CVSS8.6AI score0.04824EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/12/24 12:0 a.m.6 views

openSUSE Security Advisory (SUSE-SU-2024:4407-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.5AI score0.00408EPSS
Exploits1References5
OSV
OSV
added 2024/12/23 8:49 a.m.9 views

SUSE-SU-2024:4407-1 Security update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative

This update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative fixes the following issues: - CVE-2024-47535: Fixed unsafe reading of large environment files when Netty is loaded by a java application can lead to a crash due to the JVM memory limit being exceeded in nett...

5.5CVSS7.5AI score0.00408EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.5 views

PT-2024-32648 · Netty +1 · Netty +1

Name of the Vulnerable Software and Affected Versions: Netty versions prior to 4.1.115 Description: The issue is related to an unsafe reading of environment files, potentially causing a denial of service in Netty. When loaded on a Windows application, Netty attempts to load a file that does not...

9.9CVSS7.4AI score0.97809EPSS
Exploits22References55
Tenable Nessus
Tenable Nessus
added 2024/11/06 12:0 a.m.16 views

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-8846)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8846 advisory. aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed references Orabug: 33473101 Alex...

8.2CVSS6.6AI score0.00969EPSS
Exploits0References4
Rows per page
Query Builder