100 matches found

CVE
added 2026/05/07 12:0 a.m., 17 views

CVE-2026-40214

OpenStack Cyborg prior to 16.0.1 suffers from an access-control flaw in the Accelerator Request (ARQ) API. The project_id field is never populated (NULL for ARQs), database queries lack project filtering, and the authorize_wsgi policy check compares the caller’s project_id to itself rather than the tar...

CVSS 6.3, AI score 5.8, EPSS 0.00206
Exploits: 0, References: 3
NVD
added 2026/05/01 4:16 p.m., 12 views

CVE-2026-42481

Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2dBSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

CVSS 5.5, EPSS 0.00098
Exploits: 0, References: 1
OSV
added 2026/03/12 6:16 p.m., 2 views

DEBIAN-CVE-2026-32141

flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse function uses a recursive revive phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow...

CVSS 7.5, AI score 7.5, EPSS 0.00777
Exploits: 1, References: 1
NVD
added 2026/03/12 6:16 p.m., 4 views

CVE-2026-32141

flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse function uses a recursive revive phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow...

CVSS 7.5, EPSS 0.00777
Exploits: 1, References: 11
ATTACKERKB
added 2026/03/12 6:8 p.m., 12 views

CVE-2026-32141

flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse function uses a recursive revive phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow...

CVSS 7.5, AI score 5.8, EPSS 0.00777
Exploits: 1, References: 4, Affected Software: 1
SUSE CVE
added 2026/01/16 12:25 a.m., 6 views

SUSE CVE-2026-0990

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

CVSS 5.9, AI score 6.7, EPSS 0.00755
Exploits: 1, References: 12
Tenable Nessus
added 2026/01/16 12:0 a.m., 4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000857)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000857 advisory. The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service unkillable mount proce...

CVSS 4, AI score 6.9, EPSS 0.00505
Exploits: 1, References: 28
Tenable Nessus
added 2025/11/13 12:0 a.m., 4 views

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2019-19645)

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 5.5, AI score 6.7, EPSS 0.00566
Exploits: 0, References: 6
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2019-9255

Malware in sbrugna...

CVSS 5.5, AI score 7.1, EPSS 0.00566
Exploits: 0, References: 9
EUVD
added 2025/10/07 12:30 a.m., 7 views

EUVD-2014-5359

Malware in sbrugna...

CVSS 4, AI score 6.6, EPSS 0.00505
Exploits: 1, References: 37
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2015-5425

Malware in sbrugna...

CVSS 7.8, AI score 6, EPSS 0.11284
Exploits: 0, References: 8
Packet Storm News
added 2025/06/24 12:0 a.m., 11 views

Diffusion-Based Task-Oriented Semantic Communications with Model Inversion Attack

Semantic communication has emerged as a promising neural network-based system design for 6G networks. Task-oriented semantic communication is a novel paradigm whose core goal is to efficiently complete specific tasks by transmitting semantic information, optimizing communication efficiency and ta...

AI score 6.6
Exploits: 0
RedHat Linux
added 2025/02/24 12:8 a.m., 5 views

jettison: If the value in map is the map's self, the new JSONObject(map) causes StackOverflowError, which may lead to DoS

A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service...

CVSS 7.5, AI score 7.4, EPSS 0.01395
Exploits: 1, References: 4
F5 Networks
added 2024/11/11 2:35 p.m., 26 views

K000148484: SQLite vulnerabilities CVE-2019-19645, CVE-2016-6153, and CVE-2015-6607

Security Advisory Description: CVE-2019-19645: alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. CVE-2016-6153: os_unix.c in SQLite before 3.13.0 improperly implements the temporary...

CVSS 6.8, AI score 6.7, EPSS 0.01554
Exploits: 0
OSV
added 2024/10/28 1:15 p.m., 4 views

CVE-2024-8013

A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returned or written. This issue affects mongocryp...

CVSS 3.3, AI score 5.8, EPSS 0.00119
Exploits: 0, References: 1
NVD
added 2024/10/28 1:15 p.m., 29 views

CVE-2024-8013

A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returned or written. This issue affects mongocryp...

CVSS 3.3, EPSS 0.00119
Exploits: 0, References: 1
Microsoft CVE
added 2024/06/30 2:0 p.m., 6 views

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.

...

CVSS 5.5, AI score 7.5, EPSS 0.00566
Exploits: 0
CNNVD
added 2024/03/19 12:0 a.m., 2 views

Mozilla Firefox security vulnerability

Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products that...

CVSS 8.1, AI score 7.9, EPSS 0.00971
Exploits: 0, References: 6
OSV
added 2023/12/22 11:6 a.m., 5 views

OESA-2023-1966 jettison security update

Jettison is a collection of Java APIs like STaX and DOM which read and write JSON. This allows nearly transparent enablement of JSON based web services in services frameworks like CXF or XML serialization frameworks like XStream. Security Fixes: An infinite recursion is triggered in Jettison when...

CVSS 7.5, AI score 8.1, EPSS 0.01009
Exploits: 1, References: 2
SUSE CVE
added 2023/02/15 5:27 a.m., 4 views

SUSE CVE-2014-5472

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry...

CVSS 4, AI score 6.1, EPSS 0.00505
Exploits: 1, References: 10