Lucene search
K

16 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 8:12 p.m.19 views

kernel: Linux kernel: Denial of Service in authencesn due to too-short AAD

A flaw was found in the Linux kernel's authencesn authenticated encryption with associated data implementation. A remote attacker can exploit this vulnerability by providing a specially crafted Associated Additional Data with a length shorter than the expected minimum. This can lead to a NULL...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/14 4:35 a.m.2 views

CVE-2025-67897

In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...

5.3CVSS6.5AI score0.00297EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/14 12:0 a.m.6 views

Sequoia PGP 安全漏洞

Sequoia PGP is a Rust library open-sourced by sequoia-pgp. A security vulnerability exists in Sequoia PGP versions prior to 2.1.0, which stems from the fact that aeskeyunwrap crashes when passing too short a ciphertext, potentially crashing the application...

5.3CVSS6.4AI score0.00297EPSS
Exploits0References3
OSV
OSV
added 2025/08/05 3:15 p.m.3 views

DEBIAN-CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

9.8CVSS7.8AI score0.00636EPSS
Exploits1References1
OSV
OSV
added 2025/08/05 3:15 p.m.1 views

ALPINE-CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

9.8CVSS6.9AI score0.00636EPSS
Exploits1References1
OSV
OSV
added 2024/09/27 1:15 p.m.10 views

AZL-49878 CVE-2024-46861 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: Payload too short Payload formatted incorrecly e.g. bad NCM framing Lack of memory None of these should cause the driver to seize u...

5.5CVSS6.7AI score0.00206EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/18 12:39 a.m.2 views

golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service

An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...

7.5CVSS6.6AI score0.0198EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.6 views

SUSE CVE-2007-0008

Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...

6.8CVSS9.1AI score0.04335EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:42 a.m.3 views

SUSE CVE-2017-11450

coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via JPEG data that is too short...

5.6CVSS9.7AI score0.02363EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/01/23 3:26 p.m.3 views

golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service

An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...

7.5CVSS6.6AI score0.0198EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2022/11/28 8:47 p.m.3 views

golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service

An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...

7.5CVSS6.6AI score0.0198EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2022/11/24 4:11 a.m.3 views

golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service

An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...

7.5CVSS6.6AI score0.0198EPSS
Exploits1References6
OSV
OSV
added 2022/08/10 8:15 p.m.4 views

DEBIAN-CVE-2022-32189

A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service...

7.5CVSS6.9AI score0.0198EPSS
Exploits1References1
CNVD
CNVD
added 2017/11/03 12:0 a.m.8 views

Apache Hadoop Information Disclosure Vulnerability (CNVD-2017-36014)

Apache Hadoop is the U.S. Apache Apache Software Foundation's set of open source distributed systems infrastructure, it can be distributed processing of large amounts of data, and has high reliability, high scalability, high fault tolerance and other characteristics. A security vulnerability exis...

9.8CVSS6.9AI score0.01201EPSS
Exploits0References1
OSV
OSV
added 2017/07/19 7:29 a.m.2 views

DEBIAN-CVE-2017-11450

coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via JPEG data that is too short...

8.8CVSS7.4AI score0.02363EPSS
Exploits0References1
OSV
OSV
added 2015/10/09 12:0 a.m.2 views

UBUNTU-CVE-2015-5288

The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service server crash or read arbitrary server memory via a "too-short" salt...

6.4CVSS7AI score0.04532EPSS
Exploits0References4
Rows per page
Query Builder