Lucene search

14 matches found

EUVD
added 2026/05/19 12:59 p.m., 5 views

EUVD-2026-30929

Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed to by the guid parameter and saves the loaded content in current location DIR under the specified name. An attacker with repository access...

CVSS 8.7 | AI score 6.2 | EPSS 0.00266
Exploits: 3 | References: 4
EUVD
added 2025/12/17 6:31 p.m., 3 views

EUVD-2024-26381

In jose4j before 0.9.5, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during...

CVSS 7.5 | AI score 6.3 | EPSS 0.00021
Exploits: 1 | References: 2
Microsoft CVE
added 2025/11/29 1:1 a.m., 3 views

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

...

CVSS 5.5 | AI score 7 | EPSS 0.0001
Exploits: 0
OSV
added 2025/11/28 7:15 a.m., 4 views

AZL-71054 CVE-2025-66382 affecting package expat 2.6.4-4

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time...

CVSS 5.5 | AI score 5.8 | EPSS 0.0001
Exploits: 0 | References: 1
Vulnrichment
added 2025/11/28 12:0 a.m., 1 views

CVE-2025-66382

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time...

CVSS 2.9 | AI score 6.4 | EPSS 0.0001
Exploits: 0 | References: 1
Cvelist
added 2025/11/28 12:0 a.m., 8 views

CVE-2025-66382

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time...

CVSS 2.9 | EPSS 0.0001
Exploits: 0 | References: 1
CVE
added 2025/11/28 12:0 a.m., 20 views

CVE-2025-66382

CVE-2025-66382 affects libexpat up to version 2.7.3. A crafted input file of about 2 MiB can cause the parser to spend dozens of seconds processing, yielding a potential denial of service (availability impact). Documented impact ranges from low to high in sources: CVSS data indicate local access ...

CVSS 5.5 | AI score 6.4 | EPSS 0.0001
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2025/06/27 5:4 p.m., 6 views

CVE-2025-46708 GPU DDK - Guest VM can delay the FW and GPU from processing workloads from other VMs

Software installed and running inside a Guest VM may conduct improper GPU system calls to prevent other Guests from running work on the GPU...

EPSS 0.00108
Exploits: 0 | References: 1
RedHat Linux
added 2024/05/23 6:18 a.m., 3 views

Tomcat: HTTP/2 header handling DoS

A vulnerability was found in the Tomcat package due to its handling of HTTP/2 requests. Specifically, when an HTTP/2 request surpasses the predetermined limits for headers configured within the server, the associated HTTP/2 stream isn't reset immediately. Instead, the reset action occurs only aft...

CVSS 7.5 | AI score 7 | EPSS 0.64877
Exploits: 1 | References: 5
Tenable Nessus
added 2023/05/30 12:0 a.m., 23 views

Slackware Linux 15.0 / current openssl Vulnerability (SSA:2023-150-01)

The version of openssl installed on the remote host is prior to 1.1.1u / 3.1.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-150-01 advisory. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact...

CVSS 6.5 | AI score 6.9 | EPSS 0.91789
Exploits: 0 | References: 2
SUSE CVE
added 2023/02/15 4:54 a.m., 1 views

SUSE CVE-2016-9939

Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the length field of the ASN.1 object. If there are not enough content octets in the ASN.1 object, then the function will fail and the memory block will b...

CVSS 7.5 | AI score 7 | EPSS 0.05919
Exploits: 0 | References: 5
OSV
added 2021/06/06 12:15 p.m., 0 views

CVE-2021-32198

EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon...

CVSS 9.8 | AI score 5.8 | EPSS 0.00568
Exploits: 0 | References: 2
Prion
added 2020/03/04 7:15 p.m., 13 views

Design/Logic Flaw

A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. The vulnerability is due to insufficient...

CVSS 6.4 | AI score 6.5 | EPSS 0.00525
Exploits: 0 | References: 1 | Affected Software: 1
Microsoft KB
added 1970/01/01 12:0 a.m., 3 views

Security update 1970-01-01

...

AI score 5.3
Exploits: 0