Lucene search
K

2395 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-59927

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct...

5.3CVSS6.1AI score0.00307EPSS
Exploits1References3
EUVD
EUVD
added 2026/07/06 8:24 p.m.8 views

EUVD-2026-25012

mv: symlinks expanded during cross-device move resource exhaustion / data duplication...

6.6CVSS5.9AI score0.00161EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/06 8:21 p.m.8 views

EUVD-2026-24998

cp: -R reads device nodes as streams, destroying device semantics...

5.5CVSS5.9AI score0.00177EPSS
Exploits1References6
EUVD
EUVD
added 2026/07/06 8:20 p.m.13 views

EUVD-2026-25008

rm: 'rm -rf ./' and ./// variants silently deletes current directory contents, bypassing dot protection...

5.6CVSS5.9AI score0.00166EPSS
Exploits1References3
EUVD
EUVD
added 2026/07/06 7:27 p.m.6 views

EUVD-2026-24965

chmod: recursive mode returns exit code 0 even when some files fail last-file-wins...

5.5CVSS6AI score0.00143EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-45740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth limit while expanding...

7.5CVSS6AI score0.00263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.9 views

Elasticsearch 8.0.x < 8.19.17 / 9.0.x < 9.3.6 / 9.4.x < 9.4.3 Multiple DoS

The version of Elasticsearch installed on the remote host is 8.0 prior to 8.19.17, 9.0 prior to 9.3.6, or 9.4.0 prior to 9.4.3. It is, therefore, affected by multiple denial of service vulnerabilities: - Uncontrolled recursion in Elasticsearch allows an authenticated user to submit a specially...

6.5CVSS6AI score0.00347EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/02 12:0 a.m.36 views

CVE-2026-38970

pdfcpu through v0.11.1 contains an uncontrolled-recursion denial-of-service issue in pkg/pdfcpu/model/parse.go. The parser descends recursively through nested PDF objects, including arrays, via ParseObjectContext and parseArray without enforcing a maximum nesting depth...

0.00451EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 8:28 p.m.6 views

MAL-2026-6721 Malicious code in ts-eslint-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5bbed232e0268a791ce846260ce170342eec359bf1a7e84b9514767d77803a1 The package's index.js defines run/fromstr that recursively walk process.cwd and match files named.env, env, id.json, config.json, config.toml,...

6AI score
Exploits0References6
OSV
OSV
added 2026/06/30 8:30 a.m.3 views

CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...

8.7CVSS6.2AI score0.00361EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/29 4:49 a.m.10 views

CVE-2026-54269

A flaw was found in protobufjs, a JavaScript JS library for compiling protobuf definitions. A remote attacker could exploit this vulnerability by providing specially crafted protobuf definitions or message types that contain names colliding with internal protobufjs runtime helpers. This could lea...

5.3CVSS5.8AI score0.00238EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.10 views

EulerOS 2.0 SP15 : python-pyasn1 (EulerOS-SA-2026-2463)

According to the versions of the python-pyasn1 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by...

7.5CVSS5.9AI score0.00679EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53035

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf, sockmap: Fix afunix iter deadlock bpfiterunixseqshow may deadlock when locksockfast takes the fast path and the iter prog attempts to update a sockmap...

6AI score0.00172EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38903

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix afunix iter deadlock bpfiterunixseqshow may deadlock when locksockfast takes the fast path and the iter prog attempts to update a sockmap. Which ends up spinning at sockmapupdateelem's bhlocksock: WARNING:...

5.7AI score0.00172EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in pyasn1

pyasn1 is a generic ASN.1 library for Python. Prior to version 0.6.3, the pyasn1 library was vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion during the decoding of ASN.1 data with deeply nested structures. An attacker could provide a crafted payload containing...

7.5CVSS6.7AI score0.0058EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: Fixed recursive pcilockrescanremove locking in EEH event handling. The recent commit 1010b4c012b0 “powerpc/eeh: Making the EEH driver’s device hotplug safe” restructured the EEH driver to improve synchronization with...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51929

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the Linux kernel within the bpf and sockmap components. The issue arises when the bpf iter unix seq show function is executed and lock sock fast takes the fast pa...

6AI score0.00172EPSS
Exploits0References15
Cvelist
Cvelist
added 2026/06/23 5:21 p.m.35 views

CVE-2025-71382 MuPDF < 1.27.0-rc1 Stack Exhaustion DoS via EPUB CSS Rendering

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS0.00316EPSS
Exploits1References4
OSV
OSV
added 2026/06/22 2:40 p.m.3 views

OPENSUSE-SU-2026:21014-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...

6.5CVSS6.6AI score0.00252EPSS
Exploits1References4
OSV
OSV
added 2026/06/22 2:38 p.m.3 views

SUSE-SU-2026:22258-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...

6.5CVSS6.6AI score0.00252EPSS
Exploits1References5
Rows per page
Query Builder