11 matches found
CVE-2026-31937
CVE-2026-31937 affects Suricata (network IDS/IPS/NSM). In versions before 7.0.15, an inefficiency in DCERPC buffering degrades performance. The vulnerability is mitigated by upgrading to Suricata 7.0.15 or later, which patches the DCERPC buffering problem. The CVSS vector ...
CVE-2026-31933
Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4...
UBUNTU-CVE-2026-31933
Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4...
EUVD-2026-18241
Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4...
CVE-2026-31933
Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4...
UBUNTU-CVE-2026-22263
Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available...
SUSE CVE-2025-6075
If the value passed to os.path.expandvars is user-controlled, a performance degradation is possible when expanding environment variables...
AZL-69628 CVE-2025-6075 affecting package python3 for versions less than 3.12.9-6
If the value passed to os.path.expandvars is user-controlled, a performance degradation is possible when expanding environment variables...
Denial of Service (DoS)
OpenEXR is vulnerable to denial of service (DoS). The vulnerability stems from improper input validation: unvalidated dataWindow size values from file headers are trusted, leading to excessive memory allocation and performance degradation...
SUSE-SU-2024:1588-1 Security update for go1.21
This update for go1.21 fixes the following issues: Update to go1.21.10: - CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin (bsc#1224017) - net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/[email protected]...
PT-2022-15024 · Unknown · Markdown-It
Name of the Vulnerable Software and Affected Versions: markdown-it versions prior to 12.3.2. Description: The issue concerns a Markdown parser that can be significantly slowed down by special patterns with lengths greater than 50 thousand characters. There are no known real-world incidents or...