Lucene search
K

65 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: tpm2-sessions: Fixed an out-of-range indexing issue in namesize. namesize does not have any range checks; it simply indexes using TPMALGID, which could lead to memory corruption in extreme cases. The issue is addressed by only...

6.4AI score0.00166EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/24 1:41 a.m.9 views

CVE-2025-71319

A flaw was found in image-size. This vulnerability allows a remote attacker to cause a Denial of Service DoS by supplying specially crafted JXL, HEIF, or JP2 image files that contain zero-sized boxes. The findBox function, responsible for image validation, enters an infinite loop when processing...

8.7CVSS5.8AI score0.0064EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2025-71319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a...

8.7CVSS6.2AI score0.0064EPSS
Exploits1References2
NVD
NVD
added 2026/06/10 2:16 p.m.13 views

CVE-2025-71330

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attackers can craft an ICNS buffer containing valid magic bytes and a zero-valued entry length field to...

8.7CVSS0.0043EPSS
Exploits1References3
CVE
CVE
added 2026/06/10 1:4 p.m.69 views

CVE-2025-71329

The CVE-2025-71329 vulnerability affects image-size up to version 2.0.2 and is triggered by a crafted image buffer containing a zero-valued size field in a recognized box-type, causing an infinite loop in the JXL or HEIF parsers and permanently blocking the Node.js event loop (DoS). Impact is den...

8.7CVSS5.8AI score0.0043EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/06/10 1:2 p.m.38 views

CVE-2025-71330 image-size 2.0.2 Denial of Service via Malformed ICNS Image Parsing

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attackers can craft an ICNS buffer containing valid magic bytes and a zero-valued entry length field to...

8.7CVSS0.0043EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.14 views

image-size 资源管理错误漏洞

image-size is a lightweight image size retrieval tool developed by image-size. Versions of image-size 2.0.2 and earlier have security vulnerabilities. These vulnerabilities stem from infinite loops within the ICNS parser, which could allow remote attackers to permanently block the Node.js event...

8.7CVSS5.9AI score0.0043EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.16 views

image-size 资源管理错误漏洞

image-size is a lightweight image size retrieval tool developed by image-size. Versions of image-size 2.0.2 and earlier have security vulnerabilities. These vulnerabilities stem from infinite loops within the JXL or HEIF image parser, which could allow remote attackers to permanently block the...

8.7CVSS6AI score0.0043EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/09 7:57 p.m.51 views

CVE-2025-71319 image-size 2.0.2 Denial of Service via Infinite Loop in JXL/HEIF Parser

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS0.0064EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.22 views

image-size 资源管理错误漏洞

image-size is a lightweight image size retrieval tool developed by image-size. Versions of image-size from 1.1.0 to 1.2.1 and from 2.0.0 to 2.0.2 contained security vulnerabilities. These vulnerabilities stemmed from the findBox function, which had a denial-of-service vulnerability when processin...

8.7CVSS5.9AI score0.0064EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server could crash the FreeRDP client by sending invalid huge allocation sizes. Version 3.5.1 includes a patch for this issue. There are no known workaround solutions available...

7.5CVSS7.1AI score0.01178EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.7 views

samtools 代码问题漏洞

Samtools is a set of open-source tools for processing high-throughput sequencing data. Versions of Samtools prior to 1.23.1, 1.22.2, and 1.21.1 have code vulnerabilities. These vulnerabilities stem from a lack of error checking in the cram-size command, which may lead to null pointer dereferencin...

7.5CVSS5.9AI score0.00523EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.7 views

CVE-2021-22391

There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset...

7.5CVSS6.8AI score0.00677EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-27242

Malware in sbrugna...

7.8CVSS7.6AI score0.00758EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-27238

Malware in sbrugna...

7.8CVSS7.6AI score0.00758EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-28326

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.0063EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2021-27701

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00949EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-30013

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00192EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-34384

Malicious code in bioql PyPI...

8.7CVSS6.4AI score0.00605EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-21163

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00271EPSS
Exploits0References1
Rows per page
Query Builder