Lucene search
K

182 matches found

OSV
OSV
added 2025/02/26 7:0 a.m.37 views

UBUNTU-CVE-2022-49152

In the Linux kernel, the following vulnerability has been resolved: XArray: Fix xascreaterange when multi-order entry present If there is already an entry present that is of order = XACHUNKSHIFT when we call xascreaterange, xascreaterange will misinterpret that entry as a node and dereference...

4.7CVSS6AI score0.00187EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2025/01/30 5:51 p.m.30 views

Go Ethereum vulnerable to DoS via malicious p2p message

Impact A vulnerable node can be forced to shutdown/crash using a specially crafted message. During the peer-to-peer connection handshake, a shared secret key is computed. The implementation did not verify whether the EC public key provided by the remote party is a valid point on the secp256k1...

8.7CVSS9.3AI score0.00681EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2025/01/30 4:15 p.m.14 views

CVE-2025-24883

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.14.13...

8.7CVSS0.00681EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.7 views

Go Ethereum 安全漏洞

Go Ethereum is an official Go implementation of the Ethernet protocol for the Ethereum community. A security vulnerability exists in Go Ethereum versions prior to 1.14.0 through 1.14.13, which stems from the fact that vulnerable nodes can force a shutdown/crash using a specially crafted message...

8.7CVSS6.7AI score0.00681EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.6 views

PT-2024-35488 · Unknown · Bitcoin Core

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 0.20.0 Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, by sending a malformed GETDATA message. This can lead to a node crash. Recommendations: For...

7.5CVSS7.4AI score0.00607EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2024/06/25 11:17 p.m.3 views

SUSE CVE-2024-38355

Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit 15af22fc22 which has been included in...

7.5CVSS6.8AI score0.0069EPSS
Exploits0References4
OSV
OSV
added 2024/06/19 3:4 p.m.2 views

GHSA-25HC-QCG6-38WJ socket.io has an unhandled 'error' event

Impact A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. node:events:502 throw err; // Unhandled 'error' event ^ Error ERRUNHANDLEDERROR: Unhandled error. undefined at new NodeError node:internal/errors:405:5 at...

7.3CVSS6.8AI score0.0069EPSS
Exploits0References5
OSV
OSV
added 2024/05/14 7:17 a.m.36 views

BIT-ELASTICSEARCH-2024-23450 Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS5.8AI score0.00943EPSS
Exploits0References4
CVE
CVE
added 2024/04/09 12:0 a.m.7288 views

CVE-2024-30676

The connected PT-2024-23559 entry identifies a Denial-of-Service flaw in ROS2 Iron Irwini, where ROS2 nodes can be remotely crashed (DoS) by a malicious user, disrupting system operation. Affected setup specifies ROS VERSION 2 with ROS PYTHON VERSION 3. Until a patch is available, the recommendat...

6.7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/04/03 1:54 a.m.5 views

SUSE CVE-2024-23449

An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...

5.3CVSS6.9AI score0.00681EPSS
Exploits0References3
OSV
OSV
added 2024/03/29 12:15 p.m.4 views

UBUNTU-CVE-2024-23449

An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...

5.3CVSS5.8AI score0.00681EPSS
Exploits0References3
OSV
OSV
added 2024/03/27 6:32 p.m.2 views

GHSA-W5GG-2Q56-6H4F Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

4.9CVSS6.8AI score0.00943EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/03/27 6:32 p.m.29 views

Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS6.6AI score0.00943EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/03/27 5:15 p.m.25 views

CVE-2024-23450

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS4.9AI score0.00943EPSS
Exploits0References3
OSV
OSV
added 2024/03/27 5:15 p.m.1 views

UBUNTU-CVE-2024-23450

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS6.7AI score0.00943EPSS
Exploits0References2
OSV
OSV
added 2024/03/27 5:3 p.m.12 views

CVE-2024-23450 Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

4.9CVSS6.3AI score0.00943EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.7 views

Elasticsearch 安全漏洞

Elasticsearch is a search engine based on the Lucene library. A security vulnerability exists in Elasticsearch versions prior to 7.17.19 and prior to 8.13.0, which stems from the fact that processing a document in a deeply nested pipeline on an ingest node may cause an Elasticsearch node to crash...

7.5CVSS6.2AI score0.00943EPSS
Exploits0References5
OSV
OSV
added 2024/03/06 10:51 a.m.29 views

BIT-ELASTICSEARCH-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

7.5CVSS7.3AI score0.00844EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/12/04 9:57 a.m.2 views

mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service...

7.5CVSS5.8AI score0.02021EPSS
Exploits0References4
Veracode
Veracode
added 2023/11/23 7:34 a.m.236 views

Denial Of Service (DoS)

elasticsearch is vulnerable to Denial Of Service DoS. The vulnerability is caused due to a lack of exception handling while calling the simulate pipeline API. The script processor of an ingest pipeline fails to handle malformed scripts. This can lead to an elastic node crash and ultimately deny...

7.5CVSS7AI score0.00844EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder