3981 matches found
CVE-2025-12084
When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents. Mitigation Mitigation for this issue is either not available or the currently...
Denial Of Service (DoS)
urllib3 is vulnerable to a Denial-Of-Service DoS. The vulnerability is due to an unbounded decompression chain, where nested compression layers are not limited, allowing a malicious server to send specially crafted responses that trigger excessive CPU usage and large memory allocation during...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991130)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991130 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive lockin...
EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2501)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : x86/mce: Work around an erratum on fast string copy instructionsCVE-2022-49124 net: preserve skbendoffset in skbunclonekeeptruesizeCVE-2022-49142...
CVE-2023-53756
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
Exploit for CVE-2025-66478
monorepo-nextjs-npm-nested-versions - VULNERABLE CVE-2025-664...
libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...
SUSE CVE-2023-53756
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
Linux Distros Unpatched Vulnerability : CVE-2023-53756
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of...
Security Bulletin: IBM Datapower Operations Dashboard could allow a remote attacker to cause a denial of service CVE-2025-53864
Summary Connect2id Nimbus JOSE + JWT is used by the IBM Datapower Operations Dashboard for Javascript Object Signing and Encryption Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause ...
DEBIAN-CVE-2023-53756
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
UBUNTU-CVE-2023-53756
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
CVE-2023-53756 KVM: VMX: Fix crash due to uninitialized current_vmcs
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
CVE-2023-53756
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
CVE-2023-53756 KVM: VMX: Fix crash due to uninitialized current_vmcs
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
PT-2025-49486
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current vmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcs touch msr bitmap function...
CVE-2023-53756
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
PlayStation: PS4 BD-J privilege escalation using nested JAR
A PS4 vulnerability was discovered in the Blu-ray Disc Java BD-J privilege escalation using nested JAR files. The vulnerability was found in the PS4 system software versions 13.00 to the latest version 13.02. The vulnerability was caused by a discrepancy between the security policy's path...
CVE-2025-65806
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP a ZIP containing another ZIP where the inner archive contains an executable file e.g. webshell.php. When the application extracts the uploaded archives, the executabl...
EUVD-2025-201253
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP a ZIP containing another ZIP where the inner archive contains an executable file e.g. webshell.php. When the application extracts the uploaded archives, the executabl...