
13368 matches found

RedhatCVE
added 2025/10/30 11:26 p.m., 3 views

CVE-2025-61725

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption. Mitigation: Mitigation for this issue is either not available or the currently available options do...

CVSS 7.5, AI score 8.1, EPSS 0.00613
Exploits: 0, References: 7

OSV
added 2025/10/30 10:15 a.m., 1 view

CVE-2025-54469

A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...

CVSS 9.9, AI score 6, EPSS 0.0043
Exploits: 0, References: 2

Cvelist
added 2025/10/30 9:41 a.m., 19 views

CVE-2025-54469 NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow

A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...

CVSS 9.9, EPSS 0.0043
Exploits: 0, References: 2

Vulnrichment
added 2025/10/30 9:41 a.m., 2 views

CVE-2025-54469 NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow

A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...

CVSS 9.9, AI score 7.1, EPSS 0.0043
Exploits: 0, References: 2

CVE
added 2025/10/30 9:41 a.m., 32 views

CVE-2025-54469

NeuVector Enforcer is vulnerable to command injection due to unsanitized use of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to compose shell commands via popen. Connected sources (GO-2025-4042, NVD/OSV entries) confirm the issue and potential impact (command injection; buffer over...

CVSS 9.9, AI score 6.8, EPSS 0.0043
Exploits: 0, References: 2

EUVD
added 2025/10/30 12:31 a.m., 6 views

EUVD-2025-36730

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

CVSS 5.3, AI score 6.3, EPSS 0.00526
Exploits: 0, References: 5

EUVD
added 2025/10/30 12:31 a.m., 5 views

EUVD-2025-36739

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...

CVSS 7.5, AI score 6.4, EPSS 0.00613
Exploits: 0, References: 5

Snyk
added 2025/10/29 11:55 p.m., 2 views

Malicious Package

Overview: operations-packages is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8, AI score 6.8
Exploits: 0, References: 2

Snyk
added 2025/10/29 11:55 p.m., 1 view

Malicious Package

Overview: legacyesgodfcommon is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8, AI score 6.8
Exploits: 0, References: 2

Snyk
added 2025/10/29 11:55 p.m., 3 views

Malicious Package

Overview: esg-odf-common is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8, AI score 6.8
Exploits: 0, References: 2

NVD
added 2025/10/29 11:16 p.m., 7 views

CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

CVSS 5.3, EPSS 0.00526
Exploits: 0, References: 5

NVD
added 2025/10/29 11:16 p.m., 6 views

CVE-2025-61725

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...

CVSS 7.5, EPSS 0.00613
Exploits: 0, References: 5

OSV
added 2025/10/29 11:16 p.m., 9 views

AZL-69164 CVE-2025-61724 affecting package msft-golang 1.24.13-1

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

CVSS 5.3, AI score 7.2, EPSS 0.00526
Exploits: 0, References: 1

OSV
added 2025/10/29 11:16 p.m., 3 views

CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

CVSS 5.3, AI score 5.9
Exploits: 0, References: 5

OSV
added 2025/10/29 11:16 p.m., 6 views

AZL-78923 CVE-2025-61725 affecting package golang 1.25.7-1

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...

CVSS 7.5, AI score 6.6, EPSS 0.00613
Exploits: 0, References: 1

OSV
added 2025/10/29 11:16 p.m., 5 views

AZL-78921 CVE-2025-61724 affecting package golang 1.25.7-1

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

CVSS 5.3, AI score 7.2, EPSS 0.00526
Exploits: 0, References: 1

OSV
added 2025/10/29 11:16 p.m., 6 views

AZL-69362 CVE-2025-58183 affecting package skopeo for versions less than 1.14.4-7

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

CVSS 4.3, AI score 7.2, EPSS 0.00419
Exploits: 0, References: 1

OSV
added 2025/10/29 11:16 p.m., 6 views

AZL-69033 CVE-2025-58183 affecting package containerized-data-importer for versions less than 1.55.0-26

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

CVSS 4.3, AI score 7.2, EPSS 0.00419
Exploits: 0, References: 1

OSV
added 2025/10/29 11:16 p.m., 7 views

UBUNTU-CVE-2025-61725

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...

CVSS 7.5, AI score 6.7, EPSS 0.00613
Exploits: 0, References: 6

OSV
added 2025/10/29 11:16 p.m., 4 views

UBUNTU-CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

CVSS 5.3, AI score 7.1, EPSS 0.00526
Exploits: 0, References: 6