CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

The vulnerability of the bgpd/bgp_label.c file in the networking routing implementation software for Unix-like systems allows a hacker to cause a service failure.

The vulnerability of the bgpd/bgplabel.c file in the networking routing implementation software for Unix-like systems in FRRouting is related to the inability to read data beyond the end of the stream during the analysis of marked one-way broadcasts. Exploiting this vulnerability could allow a...

UBUNTU-CVE-2021-34548

An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAYEND or RELAYRESOLVED to bypass the intended access control for ending a stream...

security flaw

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service infinite loop via streams that end prematurely, as demonstrated using the 1 CCITTFaxDecode and 2 DCTDecode streams, aka "Infinite CPU spins."...