20071 matches found

RedhatCVE
added 2025/11/28 12:2 a.m., 2 views

CVE-2025-64076

A flaw was found in cbor2. This vulnerability allows denial of service through process crashes or memory exhaustion via sending specially-crafted CBOR data containing definite-length text strings with multi-byte UTF-8 characters...

CVSS 7.5, AI score 6.2, EPSS 0.00195
Exploits: 1, References: 6

OSV
added 2025/11/26 4:15 p.m., 1 view

CVE-2025-50402

FAST FAC1200R F400FAC1200RQ is vulnerable to Buffer Overflow in the function sub80435780 via the parameter string facpassword...

CVSS 9.8, AI score 5.8, EPSS 0.00085
Exploits: 1, References: 1

OSV
added 2025/11/26 3:15 p.m., 1 view

CVE-2025-13601

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...

CVSS 7.7, AI score 5.5, EPSS 0.00013
Exploits: 1, References: 29

OSV
added 2025/11/26 3:15 p.m., 2 views

UBUNTU-CVE-2025-13601

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...

CVSS 7.7, AI score 6.9, EPSS 0.00013
Exploits: 1, References: 6

Debian CVE
added 2025/11/26 2:44 p.m., 3 views

CVE-2025-13601

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...

CVSS 7.7, AI score 6.8, EPSS 0.00013
Exploits: 1

SUSE CVE
added 2025/11/26 1:7 a.m., 2 views

SUSE CVE-2021-20329

Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents. This issue affects all MongoDB GO Drivers prior to a...

CVSS 6.5, AI score 6.9, EPSS 0.0014
Exploits: 0, References: 2

Cvelist
added 2025/11/26 12:48 a.m., 4 views

CVE-2025-66260 PostgreSQL SQL Injection (status_sql.php)

PostgreSQL SQL Injection (status_sql.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform SQL injection via sw1 and sw2 parameters in status_sql.php. The status_sql.php endpoint constructs...

CVSS 7.2, EPSS 0.00028
Exploits: 1, References: 1

Positive Technologies
added 2025/11/26 12:0 a.m., 2 views

PT-2025-48152

Name of the Vulnerable Software and Affected Versions: FAST FAC1200R F400 FAC1200R Q (affected versions not specified). Description: The FAST FAC1200R F400 FAC1200R Q is susceptible to a buffer overflow condition. This occurs in the sub 80435780 function through the fac password parameter. The...

CVSS 9.8, AI score 6.9, EPSS 0.00085
Exploits: 1, References: 7

CNNVD
added 2025/11/26 12:0 a.m., 1 view

glib security vulnerability

glib is a general-purpose, portable utility library from the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, main loop abstractions, and more. A security vulnerability exists in glib, which stems from a buffer size miscalculation in t...

CVSS 7.7, AI score 6.7, EPSS 0.00013
Exploits: 1, References: 5

GitHub Security Blog
added 2025/11/25 9:32 p.m., 10 views

OpenSearch is vulnerable to DoS via complex query_string inputs

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions below 2.19.4 and versions 3.0.0 through 3.2.0...

CVSS 8.3, AI score 6.5, EPSS 0.00012
Exploits: 1, References: 8, Affected Software: 1

EUVD
added 2025/11/25 9:32 p.m., 2 views

EUVD-2025-199644

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions below 3.2.0...

CVSS 8.3, AI score 6.3, EPSS 0.00012
Exploits: 1, References: 3

Snyk
added 2025/11/25 8:41 p.m., 1 view

Uncontrolled Recursion

Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion via the query_string processing. An attacker can exhaust system resources and disrupt service availability by submitting excessively long Boolean or disjunction queries. PoC: GET search "query": "querystring":...

CVSS 8.3, AI score 6.6, EPSS 0.00012
Exploits: 1, References: 2

NVD
added 2025/11/25 8:16 p.m., 4 views

CVE-2025-9624

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

CVSS 8.3, EPSS 0.00012
Exploits: 1, References: 3

OSV
added 2025/11/25 8:16 p.m., 3 views

CVE-2025-9624

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

CVSS 7.5, AI score 6.4
Exploits: 0, References: 3

OSV
added 2025/11/25 8:16 p.m., 0 views

UBUNTU-CVE-2025-9624

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

CVSS 8.3, AI score 5.8, EPSS 0.00012
Exploits: 1, References: 4

Cvelist
added 2025/11/25 7:43 p.m., 10 views

CVE-2025-9624 OpenSearch 3.2.0 - Nested Boolean/Disjunction asymmetric DoS

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

CVSS 8.3, EPSS 0.00012
Exploits: 1, References: 3

Vulnrichment
added 2025/11/25 7:43 p.m., 2 views

CVE-2025-9624 OpenSearch 3.2.0 - Nested Boolean/Disjunction asymmetric DoS

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

CVSS 8.3, AI score 6.1, EPSS 0.00012
Exploits: 1, References: 3

CVE
added 2025/11/25 7:43 p.m., 23 views

CVE-2025-9624

OpenSearch CVE-2025-9624: A DoS vulnerability via complex query_string inputs affects OpenSearch 3.0.0–3.2.x and OpenSearch

CVSS 8.3, AI score 6.1, EPSS 0.00012
Exploits: 1, References: 3, Affected Software: 1

Rockylinux
added 2025/11/25 9:18 a.m., 2 views

java-25-openjdk security update

An update is available for java-25-openjdk. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime...

CVSS 7.5, AI score 6.8, EPSS 0.00068
Exploits: 0

OSV
added 2025/11/25 9:18 a.m., 2 views

RLSA-2025:21485 Moderate: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Enhance Path Factories (CVE-2025-53066); JDK: Enhance Certificate Handling (CVE-2025-53057); JDK: Enhance String Handling (CVE-2025-61748). For more details about...

CVSS 5.9, AI score 6.7, EPSS 0.00068
Exploits: 0, References: 4