5149 matches found
CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion through unbounded expansion of YAML aliases during the process. An attacker can exhaust system resources, causing CPU and memory consumption to spike, by providing crafted YAML input containing deeply nested or...
PT-2026-27176
Name of the Vulnerable Software and Affected Versions cbor2 versions prior to 5.9.0 Description The cbor2 library is susceptible to a Denial of Service DoS attack due to uncontrolled recursion when decoding deeply nested CBOR structures. This affects both the pure Python implementation and the C...
ROS-20260323-73-0032
A vulnerability in the net/sched component of the Linux kernel is related to uncontrolled recursion. Exploitation of the vulnerability allows an attacker to cause a denial of service...
Advisory ROSA-SA-2026-3245
software: avahi 0.8 WASP: ROSA-CHROME unaffected versions = avahi-0.8-12.git35bb1b.5 affected versions avahi-0.8-12.git35bb1b.5 CVE-ID: CVE-2026-24401 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Avahi avahi-daemon ≤ 0.9rc2 allows a remote attacker to cause a process crash DoS:...
Advisory ROSA-SA-2026-3239
software: suricata 7.0.14 AXIS: ROSA-CHROME unaffected versions = suricata-7.0.14-1 affected versions suricata-7.0.14-1 CVE-ID: CVE-2026-22258 BDU-ID: 2026-00955 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Suricata Intrusion Detection and Prevention System's DCERPC protocol implementation is...
SUSE CVE-2026-23276
In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...
pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
...
Uncontrolled Recursion
Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Uncontrolled Recursion via the requestComplexity.queryDepth configuration setting when processing WebSocket subscription...
Uncontrolled Recursion
Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Uncontrolled Recursion via the pre-validation transform pipeline. An attacker can cause the server process to become...
EUVD-2026-13612
In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...
CVE-2026-23276
In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...
UBUNTU-CVE-2026-23276
In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...
CVE-2026-23276
In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...
CVE-2026-23276
In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...
CVE-2026-23276
CVE-2026-23276 fixes a recursion vulnerability in the Linux kernel networking stack. When a bonded interface in broadcast mode has GRE tunnel slaves, multicast/broadcast traffic could trigger infinite recursion between bond_xmit_broadcast() and ip_tunnel_xmit()/ip6_tnl_xmit(), risking a kernel st...
CVE-2026-23276 net: add xmit recursion limit to tunnel xmit functions
In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...
CVE-2026-23276 net: add xmit recursion limit to tunnel xmit functions
In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...