5278 matches found
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
An uncontrolled recursion flaw was found in the Apache Commons Lang library. The ClassUtils.getClass... method can throw a StackOverflowError on very long inputs. Since this error is typically not handled by applications and libraries, a StackOverflowError may lead to the termination of an...
DEBIAN-CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
CVE-2025-9714 Stack overflow in libxml2
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
CVE-2025-9714 Stack overflow in libxml2
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
CVE-2025-9714
CVE-2025-9714 affects libxml2 up to and including 2.9.14. The vulnerability arises from uncontrolled recursion in XPath evaluation: xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr reset recursion depth to zero before recursion, enabling stack overflow via crafted expressions. Impact is...
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
USN-7743-1: libxml2 vulnerability
Nikita Sveshnikov discovered that libxml2 incorrectly handled recursion when processing XPath expressions. An attacker could possibly use this issue to cause a denial of service...
USN-7743-1 libxml2 vulnerability
Nikita Sveshnikov discovered that libxml2 incorrectly handled recursion when processing XPath expressions. An attacker could possibly use this issue to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2021-41752
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new...
Linux Distros Unpatched Vulnerability : CVE-2021-36395
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service. CVE-2021-36395 Note tha...
EulerOS 2.0 SP12 : protobuf (EulerOS-SA-2025-2022)
According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Any project that uses Protobuf Pure-Python backendto parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups,...
EulerOS 2.0 SP10 : protobuf (EulerOS-SA-2025-2109)
According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Any project that uses Protobuf Pure-Python backendto parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups,...
Linux Distros Unpatched Vulnerability : CVE-2016-6873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. CVE-2016-6873 Note that Nessus relies ...
libxml2 安全漏洞
libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, and XSH. A security vulnerability exists in libxml2 version 2.9.14 and earlier, which stems from an uncontrolled recursion in XPath evaluation that could lead ...
Linux Distros Unpatched Vulnerability : CVE-2016-6875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. CVE-2016-6875 Note that Nessus relies...
Linux Distros Unpatched Vulnerability : CVE-2025-0649
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...
La MaraDNS
MaraDNS is a small open-source DNS server. It is an authoritative DNS server that handles recursion using the included "Deadwood" program. The MaraDNS repository contains various files, including a README, CHANGELOG, and Dockerfile, which provide information on how to compile and run MaraDNS, as...