CVE-2026-45149

The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like 1..10000000, the sequence generation loop generates all 10 million intermediate...

CVE-2026-25680

Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...

GO-2021-0265 Denial of service via maliciously crafted path in github.com/tidwall/gjson

A maliciously crafted path can cause Get and other query functions to consume excessive amounts of CPU and time...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libexif Multiple Vulnerabilities (NS-SA-2021-0158)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libexif packages installed that are affected by multiple vulnerabilities: - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media...

FreeBSD : libexif -- multiple vulnerabilities (cff0b2e2-0716-11eb-9e5d-08002728f74c)

Release notes : Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others : CVE-2016-6328: fixed integer overflow when parsing maker notes CVE-2017-7544: fixed buffer overread CVE-2018-20030: Fix for recursion DoS CVE-2019-9278: replaced integer overflow checks the compiler could...

Denial Of Service (DoS)

libexif is vulnerable to denial of service. Unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time and a potential application crash...

SUSE SLED15 / SLES15 Security Update : libexif (SUSE-SU-2020:1553-2)

This update for libexif to 0.6.22 fixes the following issues : Security issues fixed : CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file bsc1055857. CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exifdatasavedataentry function in...

Design/Logic Flaw

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

PYSEC-2019-40

An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image...

Moderate: Red Hat Security Advisory: tomcat6 security and bug fix update

Updated tomcat6 packages that fix multiple security issues and three bugs are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System...

Roxen counter module

The Roxen Challenger webserver is running and the counter module is installed. Requesting large counter GIFs eats up CPU-time on the server. If the server does not support threads this will prevent the server from serving other clients. OpenVAS Vulnerability Test $Id: roxencounter.nasl 8023...