Linux Distros Unpatched Vulnerability : CVE-2026-33908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the...

DEBIAN-CVE-2026-33908

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When...

CVE-2025-36001

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion...

CVE-2021-28040

An issue was discovered in OSSEC 3.6.0. An uncontrolled recursion vulnerability in osxml.c occurs when a large number of opening and closing XML tags is used. Because recursion is used in ReadElem without restriction, an attacker can trigger a segmentation fault once unmapped memory is reached...

AZL-58641 CVE-2024-8176 affecting package expat for versions less than 2.6.4-1

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...