CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5242 matches found

Tenable Nessus•added 2022/06/17 12:0 a.m.•60 views

SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:2102-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2102-1 advisory. - CVE-2017-17087: Fixed information leak via .swp files bsc1070955. - CVE-2021-3875: Fixed heap-based buffer...

9.8CVSS7.3AI score0.02861EPSS

Exploits43References122

Ubuntu•added 2022/06/02 12:21 p.m.•88 views

USN-5458-1: Vim vulnerabilities

It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. CVE-2021-4193 It was discovered that Vim was not properly performing bounds checks when...

8.4CVSS7.7AI score0.00461EPSS

Exploits9

BDU FSTEC•added 2022/06/01 12:0 a.m.•2 views

The vulnerability of the Vim text editor, caused by uncontrolled recursion, allows a hacker to trigger a service failure.

The vulnerability of the Vim text editor arises from uncontrolled recursion. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.00098EPSS

Exploits1References11Affected Software4

Microsoft CVE•added 2022/05/27 7:0 a.m.•2 views

Uncontrolled Recursion in vim/vim

...

5.5CVSS6.7AI score0.00098EPSS

Exploits1

OSV•added 2022/05/24 7:19 p.m.•1 views

GHSA-3HW2-H67C-WQ66 Uncontrolled Recursion in Akka HTTP

Akka HTTP 10.1.x and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments...

7.5CVSS7.1AI score0.75541EPSS

Exploits5References8

OSV•added 2022/05/24 7:3 p.m.•32 views

GHSA-H86H-8PPG-MXMH golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion

golang.org/x/net/http/httpguts in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service panic via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations...

5.9CVSS6.7AI score0.00022EPSS

Exploits0References10

Github Security Blog•added 2022/05/24 7:3 p.m.•41 views

golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion

5.9CVSS6.5AI score0.00022EPSS

Exploits0References10Affected Software1

OSV•added 2022/05/24 1:14 p.m.•4 views

SUSE-SU-2022:1833-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2022-29824: Fixed integer overflow leading to out-of-bounds write in buf.c and tree.c bsc1199132. - CVE-2017-16932: Prevent infinite recursion in parameter entities bsc1069689...

7.5CVSS6.5AI score0.21755EPSS

Exploits5References5

GitLab Advisory Database•added 2022/05/24 12:0 a.m.•32 views

Uncontrolled Recursion

net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service panic via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations...

5.9CVSS5.6AI score0.00022EPSS

Exploits0References10Affected Software1

FreeBSD•added 2022/05/24 12:0 a.m.•19 views

re2c -- uncontrolled recursion

re2c reports: re2c before 2.0 has uncontrolled recursion that causes stack consumption in findfixedtags...

5.5CVSS3AI score0.00101EPSS

Exploits1References1

GitLab Advisory Database•added 2022/05/24 12:0 a.m.•31 views

Uncontrolled Recursion

5.9CVSS5.6AI score0.00022EPSS

Exploits0References10Affected Software1

OSV•added 2022/05/21 12:0 p.m.•19 views

RUSTSEC-2022-0030 Stack overflow during recursive expression parsing

When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. The flaw was corrected in commits 60aa2dc03a by adding a check ...

6.5CVSS6.2AI score0.00521EPSS

Exploits0References3

RustSec•added 2022/05/21 12:0 p.m.•24 views

Stack overflow during recursive expression parsing

6.5CVSS3.4AI score0.00521EPSS

Exploits0Affected Software1

RedhatCVE•added 2022/05/20 10:45 p.m.•15 views

CVE-2020-36429

VariantencodeJson in open62541 1.x before 1.0.4 has an out-of-bounds write for a large recursion depth...

6.5CVSS2.3AI score0.00078EPSS

Exploits0References1

Snyk•added 2022/05/20 9:17 p.m.•2 views

Uncontrolled Recursion

Overview std/encoding/pem is a Go standard library package std/encoding/pem Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Stack overflow via a large amount of PEM data via the Decode function. An attacker can cause a stack overflow and...

8.7CVSS8.8AI score0.00179EPSS

Exploits1References3