EulerOS 2.0 SP12 : protobuf (EulerOS-SA-2025-2022)

According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Any project that uses Protobuf Pure-Python backendto parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups,...

EulerOS 2.0 SP10 : protobuf (EulerOS-SA-2025-2109)

According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Any project that uses Protobuf Pure-Python backendto parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups,...

Linux Distros Unpatched Vulnerability : CVE-2016-6873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. CVE-2016-6873 Note that Nessus relies ...

libxml2 安全漏洞

libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, and XSH. A security vulnerability exists in libxml2 version 2.9.14 and earlier, which stems from an uncontrolled recursion in XPath evaluation that could lead ...

Linux Distros Unpatched Vulnerability : CVE-2016-6875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. CVE-2016-6875 Note that Nessus relies...

Linux Distros Unpatched Vulnerability : CVE-2025-0649

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...

La MaraDNS

MaraDNS is a small open-source DNS server. It is an authoritative DNS server that handles recursion using the included "Deadwood" program. The MaraDNS repository contains various files, including a README, CHANGELOG, and Dockerfile, which provide information on how to compile and run MaraDNS, as...

Security update for protobuf

This update for protobuf fixes the following issues: CVE-2024-2410: Use after free when parsing JSON from a stream bsc1223947. CVE-2024-7254: StackOverflow vulnerability in Protocol Buffers bsc1230778. CVE-2025-4565: Parsing of untrusted Protocol Buffers data containing an arbitrary number of...

Linux Distros Unpatched Vulnerability : CVE-2025-9714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted...

ROS-20250905-11

A vulnerability in the MuPDF PDF viewer is related to infinite recursion in the mutool utility clean. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

SUSE CVE-2025-38690

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion If the buf + offset is not aligned to XECAHELINEBYTES we fallback to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

CLSA-2025-1757017511 protobuf: Fix of CVE-2024-7254

CVE-2024-7254: prevent stack overflow by limiting recursion depth when parsing nested Protocol Buffers data...

CVE-2025-38690

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion If the buf + offset is not aligned to XECAHELINEBYTES we fallback to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

UBUNTU-CVE-2025-38690

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion If the buf + offset is not aligned to XECAHELINEBYTES we fallback to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

CVE-2025-38690 drm/xe/migrate: prevent infinite recursion

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion If the buf + offset is not aligned to XECAHELINEBYTES we fallback to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

CVE-2025-38690

The CVE-2025-38690 entry applies to the Linux kernel code path drm/xe/migrate. The vulnerability concerns incorrect handling of alignment for a bounce buffer when buf+offset is not aligned to XE_CACHELINE_BYTES, which could lead to recursive retries and a stack/recursion risk. The root cause desc...

eventpoll: Fix semi-unbounded recursion

...

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.

...

atm: clip: Fix infinite recursive call of clip_push().

...

libxml2 xmlcatalog xmlParseSGMLCatalog recursion

...