257 matches found

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-25367

Malicious code in bioql PyPI...

AI score 6.3 | EPSS 0.00153
Exploits: 0 | References: 7

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-6229

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.4 | EPSS 0.01305
Exploits: 1 | References: 7

OSV
added 2025/10/02 1:27 p.m., 6 views

CLSA-2025-1759411642 libxml2: Fix of CVE-2025-9714

CVE-2025-9714: preserve recursion depth across recursive calls to prevent stack overflow in XPath evaluation...

CVSS 6.2 | AI score 6.5 | EPSS 0.00144
Exploits: 0 | References: 1

OSV
added 2025/09/14 11:15 p.m., 6 views

CVE-2025-59364

The express-xss-sanitizer aka Express XSS Sanitizer package through 2.0.0 for Node.js has an unbounded recursion depth in sanitize in lib/sanitize.js for a JSON request body...

CVSS 5.3 | AI score 6.4
Exploits: 0 | References: 3

Cvelist
added 2025/09/14 12:0 a.m., 8 views

CVE-2025-59364

The express-xss-sanitizer aka Express XSS Sanitizer package through 2.0.0 for Node.js has an unbounded recursion depth in sanitize in lib/sanitize.js for a JSON request body...

CVSS 5.3 | EPSS 0.00419
Exploits: 0 | References: 3

OSV
added 2025/09/12 2:26 p.m., 4 views

OESA-2025-2285 libxslt security update

Libxslt is the XSLT C library developed for the GNOME project. Security Fixes: A flaw was found in libxslt/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handli...

CVSS 6.2 | AI score 6.4 | EPSS 0.00144
Exploits: 0 | References: 2

OSV
added 2025/09/10 7:15 p.m., 2 views

DEBIAN-CVE-2025-9714

Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...

CVSS 5.5 | AI score 5.3 | EPSS 0.00144
Exploits: 0 | References: 1

AlpineLinux
added 2025/09/10 6:43 p.m., 2 views

CVE-2025-9714

Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...

CVSS 6.2 | AI score 6.6 | EPSS 0.00144
Exploits: 0 | References: 3

CVE
added 2025/09/10 6:43 p.m., 71 views

CVE-2025-9714

CVE-2025-9714 affects libxml2 up to and including 2.9.14. The vulnerability arises from uncontrolled recursion in XPath evaluation: xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr reset recursion depth to zero before recursion, enabling stack overflow via crafted expressions. Impact is...

CVSS 6.2 | AI score 6.2 | EPSS 0.00144
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2025/09/10 6:43 p.m., 12 views

CVE-2025-9714 Stack overflow in libxml2

Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...

CVSS 6.2 | EPSS 0.00144
Exploits: 0 | References: 1

OSV
added 2025/09/04 8:25 p.m., 5 views

CLSA-2025-1757017511 protobuf: Fix of CVE-2024-7254

CVE-2024-7254: prevent stack overflow by limiting recursion depth when parsing nested Protocol Buffers data...

CVSS 8.7 | AI score 6.9 | EPSS 0.02772
Exploits: 0 | References: 1

OSV
added 2025/08/26 12:31 a.m., 3 views

GHSA-7753-XRFW-CH36 LlamaIndex affected by a Denial of Service (DOS) in JSONReader

A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

CVSS 8.6 | AI score 5.9 | EPSS 0.0026
Exploits: 0 | References: 4

Cvelist
added 2025/08/25 3:3 p.m., 8 views

CVE-2025-5302 Denial of Service (DOS) in JSONReader in run-llama/llama_index

A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

CVSS 8.6 | EPSS 0.0026
Exploits: 0 | References: 2

Debian CVE
added 2025/08/19 5:3 p.m., 4 views

CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion. Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc ensures that the graph is loop-free and does some recursion depth checks, but...

CVSS 5.5 | AI score 5.5 | EPSS 0.00153
Exploits: 0

Positive Technologies
added 2025/08/19 12:0 a.m., 5 views

PT-2025-33812

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw within the eventpoll subsystem that could allow for semi-unbounded recursion. The issue stems from insufficient depth checks when creating graph edges...

CVSS 5.5 | AI score 6 | EPSS 0.00153
Exploits: 0

CNNVD
added 2025/08/19 12:0 a.m., 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an improperly limited recursion depth that could lead to resource exhaustion...

CVSS 5.5 | AI score 6.5 | EPSS 0.00153
Exploits: 0 | References: 9

OSV
added 2025/07/11 12:24 p.m., 4 views

OESA-2025-1800 protobuf security update

Security Fixes: Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of...

CVSS 8.2 | AI score 7 | EPSS 0.00281
Exploits: 0 | References: 2

OSV
added 2025/06/16 3:15 p.m., 3 views

DEBIAN-CVE-2025-4565

Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashin...

CVSS 5.3 | AI score 5.7 | EPSS 0.00281
Exploits: 0 | References: 1

Huntr
added 2025/05/27 3:2 p.m., 7 views

Denial of Service (DOS) in JSONReader

Description: There exists a denial of service vulnerability (DOS) that occurs by Python hitting max recursion depth while parsing a deeply nested JSON file using JSONReader. Vulnerable piece of code...

CVSS 8.6 | AI score 7.1 | EPSS 0.0026
Exploits: 0

OSV
added 2025/01/29 5:7 p.m., 6 views

CLSA-2025-1738170437 hivex: Fix of CVE-2021-3622

CVE-2021-3622: fix possible stack overflow by adding the depth of recursion in the getchildren...

CVSS 4.3 | AI score 6.8 | EPSS 0.04794
Exploits: 1 | References: 1