Lucene search
+L

40 matches found

OSV
OSV
added 2026/02/19 7:21 p.m.9 views

CVE-2026-26201 emp3r0r Affected by Concurrent Map Access DoS (panic/crash)

emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process cra...

7CVSS5.5AI score0.00291EPSS
Exploits1References5
Snyk
Snyk
added 2026/02/17 9:27 p.m.4 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in which maps from multiple components may be accessed without synchronization. When under heavy concurrent activity, either spontaneous or attacker-generated, the process can be caused to panic and crash with fatal error...

7.5CVSS5.5AI score0.00291EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/17 9:27 p.m.3 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in which maps from multiple components may be accessed without synchronization. When under heavy concurrent activity, either spontaneous or attacker-generated, the process can be caused to panic and crash with fatal error...

7.5CVSS5.5AI score0.00291EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/17 9:27 p.m.3 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in which maps from multiple components may be accessed without synchronization. When under heavy concurrent activity, either spontaneous or attacker-generated, the process can be caused to panic and crash with fatal error...

7.5CVSS5.5AI score0.00291EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/17 9:27 p.m.6 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in which maps from multiple components may be accessed without synchronization. When under heavy concurrent activity, either spontaneous or attacker-generated, the process can be caused to panic and crash with fatal error...

7.5CVSS5.5AI score0.00291EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/17 9:27 p.m.7 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in which maps from multiple components may be accessed without synchronization. When under heavy concurrent activity, either spontaneous or attacker-generated, the process can be caused to panic and crash with fatal error...

7.5CVSS5.5AI score0.00291EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/12/19 12:41 a.m.11 views

CVE-2025-65563

A denial-of-service vulnerability exists in the omec-project UPF component upf-epc/pfcpiface up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler...

7.5CVSS6.7AI score0.00384EPSS
Exploits1References1
OSV
OSV
added 2025/12/18 7:16 p.m.3 views

CVE-2025-65565

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID CPF-SEID Information Element is not properly validated. The...

7.5CVSS5.8AI score0.0036EPSS
Exploits1References1
OSV
OSV
added 2025/11/20 6:31 p.m.4 views

GHSA-F786-75F3-74XJ OSV-SCALIBR has NULL Pointer Dereference

A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic index out of range and an application crash denial of service in OSV-SCALIBR...

4.8CVSS6.8AI score0.00104EPSS
Exploits0References4
CVE
CVE
added 2025/11/20 3:30 p.m.16 views

CVE-2025-13425

OSV-SCALIBR (CVE-2025-13425) is a vulnerability in the Go-based OSV-SCALIBR project where the filesystem traversal fallback path overindexes an empty slice in fs/diriterate/diriterate.go:Next() if ReadDir returns nil for an empty directory, causing a panic and a potential denial-of-service. Affec...

4.8CVSS6.5AI score0.00104EPSS
Exploits0References1
RustSec
RustSec
added 2025/11/07 12:0 p.m.5 views

Underflow in aes_key_unwrap function

The aeskeyunwrap function would panic if passed a ciphertext that was too short. In a debug build, it would panic due to a subtraction underflow. In a release build, it would use the small negative quantity to allocate a vector. Since the allocator expects an unsigned quantity, the negative value...

5.3CVSS6.9AI score0.00302EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2025/10/24 11:23 p.m.6 views

SUSE CVE-2025-59942

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

7.5CVSS7.1AI score0.00312EPSS
Exploits0References2
OSV
OSV
added 2025/09/30 6:1 p.m.9 views

GHSA-G88P-R42R-PPP9 Repository Credentials Race Condition Crashes Argo CD Server

Summary A race condition in the repository credentials handler can cause the Argo CD server to panic and crash when concurrent operations are performed on the same repository URL. Details The vulnerability is located in numerous repository related handlers in the util/db/repositorysecrets.go file...

6.5CVSS6.8AI score0.00441EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/09/29 8:40 p.m.10 views

go-f3 module vulnerable to integer overflow leading to panic

Impact Filecoin nodes consuming F3 messages are vulnerable. go-f3 panics when it validates a "poison" messages. A "poison" message can can cause integer overflow in the signer index validation. In Lotus' case, the whole node will crash. There is no barrier to entry. An attacker doesn't need any...

7.5CVSS7.2AI score0.00312EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/01/15 1:5 p.m.10 views

CVE-2024-57901 af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangetprotocoldgram vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangetprotocoldgram to not touch skb at all, so that it can be used from many cpus on the same skb. A...

5.5CVSS6AI score0.00257EPSS
Exploits0References14
OSV
OSV
added 2024/12/27 3:15 p.m.1 views

DEBIAN-CVE-2024-56639

In the Linux kernel, the following vulnerability has been resolved: net: hsr: must allocate more bytes for RedBox support Blamed commit forgot to change hsrinitskb to allocate larger skb for RedBox case. Indeed, sendhsrsupervisionframe will add two additional components struct hsrsuptlv and struc...

5.5CVSS5.6AI score0.00182EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2022/12/15 12:10 p.m.11 views

A Security Vulnerability in the KmsdBot Botnet

Security researchers found a software bug in the KmsdBot cryptomining botnet: With no error-checking built in, sending KmsdBot a malformed command­--like its controllers did one day while Akamai was watching­--created a panic crash with an "index out of range" error. Because theres no persistence...

2AI score
Exploits0
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2022/02/15 7:16 p.m.9 views

Consul Ingress Gateway Panic Can Shutdown Servers

Summary Consul and Consul Enterprise “Consul” clusters with at least one Ingress Gateway allow a user with service:write permissions to register a specifically-defined service that will cause the Consul server to panic. This vulnerability, CVE-2022-24687, was fixed in Consul 1.9.15, 1.10.8, and...

6.5CVSS6.7AI score0.01387EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2021/09/16 3:24 p.m.3 views

golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents

A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability...

7.5CVSS7.1AI score0.034EPSS
Exploits1References5
CERT
CERT
added 2003/06/11 12:0 a.m.35 views

SGI IRIX vulnerable to DoS when user space program calls the PIOCSWATCH ioctl() function

Overview A vulnerability in the SGI IRIX PIOCSWATCH ioctl function may allow local attackers to crash the operating system. Description SGI states that PIOCSWATCH ioctl "establishes or clears a set of watched areas in the traced process." According to SGI Security Advisory 20030603-01-P, a local...

2.1CVSS5.8AI score0.00358EPSS
Exploits0References3
Rows per page
Query Builder