Lucene search
K

175 matches found

CVE
CVE
added 2024/12/05 10:45 p.m.4528 views

CVE-2024-52798

CVE-2024-52798 concerns the path-to-regexp library. The DoS arises when path-to-regexp outputs regex patterns that backtrack, enabling high CPU/blocked event loop in vulnerable inputs. Public sources reference the 0.1.x line as the origin and recommend upgrading specifically to 0.1.12; later advi...

8.7CVSS6.3AI score0.00792EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/12/01 12:0 a.m.15 views

Fedora 41 : webkitgtk (2024-472d01833c)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-472d01833c advisory. Improve memory consumption and performance of Canvas getImageData. Fix preserve-3D intersection rendering. Fix video dimensions since GStreamer...

8.8CVSS7.7AI score0.22728EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

kernel: dpll: fix possible deadlock during netlink dump operation

A vulnerability was found in the Linux kernel, where an ABBA deadlock condition may be created if multiple CPUs attempt a DPLL netlink dump operation simultaneously. This deadlock could lead to performance issues...

5.5CVSS7AI score0.0015EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/10/27 12:0 a.m.11 views

EulerOS Virtualization 2.12.0 : bind (EulerOS-SA-2024-2765)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer...

7.5CVSS7.8AI score0.02114EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential performance issue caused by failure to reschedule during an overflow refresh...

5.5CVSS8.3AI score0.00219EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/10/16 6:50 p.m.24 views

CVE-2024-47187 Suricata datasets: missing hashtable random seed leads to potential DoS

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to us...

7.5CVSS7.1AI score0.00306EPSS
Exploits0References2
OSV
OSV
added 2024/10/16 1:32 a.m.27 views

MGASA-2024-0333 Updated unbound packages fix security vulnerabilities

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

5.3CVSS5.4AI score0.00801EPSS
Exploits0References2
Citrix
Citrix
added 2024/09/06 12:0 a.m.14 views

Performance issues with Intel GPUs and Citrix Workspace App

Customers using the Citrix Workspace App with Intel Arc GPUs and Intel GPU driver version 4824 could experience performance issues and lag The performance issues are present in Intel Arc A-series GPUs and Intel Core Ultra with built-in Arc GPUs, for example: Intel Arc A-Series Graphics Intel Arc...

7.2AI score
Exploits0
Amazon
Amazon
added 2024/08/15 12:0 a.m.11 views

Important: bind

Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...

7.5CVSS7.1AI score0.02114EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/07/17 1:6 a.m.5 views

kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index

A vulnerability was found in the Linux kernel's memory management subsystem. The wakeupkswapd function was called with an incorrect zone index. This error could disrupt the proper functioning of memory management, potentially leading to system instability or performance issues...

5.5CVSS7.2AI score0.00241EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/06/19 1:12 a.m.9 views

Low: Red Hat Bug Fix Advisory: kernel bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9. The kernel packages contain the Linux kernel, the core of any Linux operating system. Bug Fixes: DELL 9.4 BUG - Screen shows garbage sometimes rhel-9.4.z JIRA:RHEL-36534 cifs - Unable to mount CIFS shares after upgrading to...

7.1CVSS6.6AI score0.00248EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/01/16 12:0 a.m.5 views

PT-2024-14409 · Unknown · Wallpaper Service Module

Name of the Vulnerable Software and Affected Versions: Wallpaper service module affected versions not specified Description: The issue is related to an unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perfo...

5.3CVSS5AI score0.00335EPSS
Exploits0References7
Citrix
Citrix
added 2023/11/21 12:0 a.m.15 views

Citrix Provisioning Target Poor Performance And Slow Boot

Target Devices appear to boot slowly and hang or remain stuck at a black screen shortly after power on. Other devices that are up and running can be found frozen. These machines might be found "unregistered" in Studio and you cannot RDP or console into them. PVS servers may be reporting DB Offlin...

7.1AI score
Exploits0
OSV
OSV
added 2023/11/16 6:1 p.m.8 views

SUSE-SU-2023:4471-1 Security update for go1.21

This update for go1.21 fixes the following issues: go1.21.4 released 2023-11-07 includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. security: fix CVE-2023-45283 CVE-2023-45284...

7.5CVSS6.9AI score0.02758EPSS
Exploits0References6
Veracode
Veracode
added 2023/10/27 9:5 p.m.26 views

Denial Of Service (DoS)

firefox is vulnerable to Denial of Service DoS. A malicious user is able to leverage the vulnerability to cause peformance issues which will result in denial of service conditions because the drivers are not always robust to extremely large draw calls...

7.5CVSS6.9AI score0.01585EPSS
Exploits0References9Affected Software3
Veracode
Veracode
added 2023/10/27 9:5 p.m.20 views

Denial Of Service (DoS)

firefox is vulnerable to Denial of Service DoS. A malicious user is able to leverage the vulnerability to cause peformance issues which will result in denial of service conditions during garbage collection...

7.5CVSS6.9AI score0.01184EPSS
Exploits0References9Affected Software4
OSV
OSV
added 2023/10/24 1:35 p.m.7 views

SUSE-SU-2023:4176-1 Security update for ruby2.5

This update for ruby2.5 fixes the following issues: - CVE-2023-28755: Fixed a ReDoS vulnerability in URI. bsc1209891 - CVE-2023-28756: Fixed an expensive regexp in the RFC2822 time parser. bsc1209967 - CVE-2021-41817: Fixed a Regular Expression Denial of Service Vulnerability of Date Parsing...

8.8CVSS6.9AI score0.03222EPSS
Exploits2References9
Veracode
Veracode
added 2023/07/23 12:41 a.m.27 views

Denial Of Service (DoS)

gitlab is vulnerable to Denial of Service DoS. A malicious user is able to leverage the vulnerability to cause peformance issues which will result in denial of service conditions...

5.3CVSS6.7AI score0.0067EPSS
Exploits0References3Affected Software1
Kitploit
Kitploit
added 2023/07/11 12:30 p.m.34 views

yaraQA - YARA Rule Analyzer To Improve Rule Quality And Performance

YARA rule Analyzer to improve rule quality and performance Why? YARA rules can be syntactically correct but still dysfunctional. yaraQA tries to find and report these issues to the author or maintainer of a YARA rule set. The issues yaraQA tries to detect are e.g.: rules that are syntactically...

7.3AI score
Exploits0References2
OSV
OSV
added 2023/06/22 7:48 a.m.5 views

SUSE-SU-2023:2603-1 Security update for rustup

This update for rustup fixes the following issues: - CVE-2022-31394: Fixed possible HTTP2 attacks by specifying the HTTP/2 SETTINGSMAXHEADERLISTSIZE bsc1208552. - CVE-2023-26964: Fixed high memory and CPU usage when stream stacking occurs when H2 processes HTTP2 RSTSTREAM frames bsc1210345...

7.5CVSS7.7AI score0.01121EPSS
Exploits2References5
Rows per page
Query Builder