Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.4 views

EulerOS 2.0 SP13 : protobuf (EulerOS-SA-2025-2275)

According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups,...

8.2CVSS6.9AI score0.00281EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: djvulibre (UTSA-2025-680669)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680669 advisory. In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled...

5.5CVSS5.9AI score0.01774EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-13642

Malicious code in bioql PyPI...

8.9CVSS6.3AI score0.00182EPSS
Exploits0References2
OSV
OSV
added 2025/09/16 5:4 p.m.2 views

SUSE-SU-2025:03239-1 Security update for expat

This update for expat fixes the following issues: expat was updated to version 2.7.1: - Bug fixes: - Restore event pointer behavior from Expat 2.6.4 that the fix to CVE-2024-8176 changed in 2.7.0; affected API functions are: - XMLGetCurrentByteCount - XMLGetCurrentByteIndex -...

7.5CVSS7.4AI score0.01569EPSS
Exploits0References3
OSV
OSV
added 2025/07/15 9:15 a.m.2 views

SUSE-SU-2025:02310-1 Security update for protobuf

This update for protobuf fixes the following issues: - CVE-2025-4565: Fix parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages that can lead to crash due to RecursionError bsc1244663...

8.2CVSS7.3AI score0.00281EPSS
Exploits0References3
OSV
OSV
added 2025/04/10 7:10 a.m.5 views

BIT-ELASTICSEARCH-2024-52980 Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have readpipeline Elasticsearch cluster privilege assigned to the...

6.5CVSS6.3AI score0.00502EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/08 4:43 p.m.14 views

CVE-2024-52980 Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have readpipeline Elasticsearch cluster privilege assigned to the...

6.5CVSS0.00502EPSS
Exploits0References1
OSV
OSV
added 2022/02/14 4:24 p.m.8 views

CLSA-2022-1644855867 Fix CVE(s): CVE-2022-0351, CVE-2022-0359, CVE-2022-0368, CVE-2022-0361

SECURITY UPDATE: Condition with many "" causes a crash - debian/patches/CVE-2022-0351.patch: Limit recursion depth to 1000 - CVE-2022-0351 SECURITY UPDATE: Illegal memory access with large tabstop in Ex mode - debian/patches/CVE-2022-0359.patch: Allocate enough memory - CVE-2022-0359 SECURITY...

8.4CVSS7.1AI score0.01566EPSS
Exploits4References1
OSV
OSV
added 2014/06/05 12:0 p.m.8 views

UBUNTU-CVE-2014-0221

The dtls1getmessagefragment function in d1both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service recursion and client crash via a DTLS hello message in an invalid DTLS handshake...

4.3CVSS7.1AI score0.87892EPSS
Exploits0References4
Prion
Prion
added 2014/01/26 8:55 p.m.13 views

Double free

queryparams.cpp in cxxtools before 2.2.1 allows remote attackers to cause a denial of service infinite recursion and crash via an HTTP query that contains %% double percent characters...

5CVSS7.1AI score0.01831EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2003/11/06 5:0 a.m.34 views

CVE-2003-0851

OpenSSL 0.9.6k allows remote attackers to cause a denial of service crash via large recursion via malformed ASN.1 sequences...

7.2AI score0.05407EPSS
Exploits0References12
Rows per page
Query Builder