PT-2026-5893

Name of the Vulnerable Software and Affected Versions IBM Jazz Reporting Service affected versions not specified Description An authenticated user on the network may impact system performance by submitting complex queries because of inadequate resource pooling. Recommendations At the moment, ther...

NewStart CGSL MAIN 7.02 : unbound Multiple Vulnerabilities (NS-SA-2025-0125)

The remote NewStart CGSL host, running version MAIN 7.02, has unbound packages installed that are affected by multiple vulnerabilities: - NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name...

CVE-2025-6069

The issue CVE-2025-6069 affects Python’s standard library HTML parsing: the html.parser.HTMLParser class can exhibit worst-case quadratic complexity when handling crafted malformed inputs, potentially enabling amplified denial-of-service. The connected advisories confirm the affected component is...

CVE-2025-48887

CVE-2025-48887 affects vLLM command/tool parsing: the ReDoS vulnerability is in vllm/entrypoints/openai/tool_parsers/pythonic_tool_parser.py for versions 0.6.4 through 0.9.0 (exclusive) . The root cause is a highly complex, nested regex used for tool call detection, enabling catastrophic backtrac...

PT-2025-23224 · Vllm · Vllm

Name of the Vulnerable Software and Affected Versions: vLLM versions 0.6.4 through 0.9.0 Description: The issue is a Regular Expression Denial of Service ReDoS vulnerability in the file vllm/entrypoints/openai/tool parsers/pythonic tool parser.py. The root cause is the use of a highly complex and...

CVE-2020-5591

XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the recursive resolver's performance or compromising the recursive resolver as a reflector in a...

SUSE-SU-2024:4137-1 Security update for python-tornado6

This update for python-tornado6 fixes the following issues: - CVE-2024-52804: Fixed a denial of service caused by quadratic performance of cookie parsing bsc1233668...

CVE-2021-1350

A vulnerability in the web UI of Cisco Umbrella could allow an unauthenticated, remote attacker to negatively affect the performance of this service. The vulnerability exists due to insufficient rate limiting controls in the web UI. An attacker could exploit this vulnerability by sending crafted...

Unspecified Vulnerability in PowerDNS Recursor

PowerDNS Recursor pdnsrecursor is a domain name resolution server from the Dutch company PowerDNS. A security vulnerability exists in PowerDNS Recursor versions 4.1.0 through 4.3.0, which can be exploited by an attacker to cause a degradation in service performance...