CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2 days ago•30 views

CVE-2025-71329 image-size 2.0.2 Denial of Service via Infinite Loop in JXL/HEIF Parser

8.7CVSS0.00098EPSS

NVD•added 3 days ago•5 views

CVE-2025-71319

8.7CVSS0.00098EPSS

EUVD•added 3 days ago•4 views

EUVD-2025-210087

image-size 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2 contain a denial of service vulnerability in the findBox function when processing specially crafted images with zero-sized boxes. Remote attackers can cause application hang by supplying malicious JXL, HEIF, or JP2 image files with box size zer...

8.7CVSS5.5AI score0.00098EPSS

Cvelist•added 3 days ago•30 views

CVE-2025-71319 image-size 2.0.2 Denial of Service via Infinite Loop in JXL/HEIF Parser

8.7CVSS0.00098EPSS

CVE•added 3 days ago•6 views

CVE-2025-71319

CVE-2025-71319 affects image-size versions 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2. The vulnerability resides in the findBox function, triggered when processing crafted images with zero-sized boxes (JXL, HEIF, or JP2), causing an infinite loop and denial of service. The issue could lead to appl...

8.7CVSS5.8AI score0.00098EPSS

Vulnrichment•added 3 days ago•4 views

CVE-2025-71319 image-size 2.0.2 Denial of Service via Infinite Loop in JXL/HEIF Parser

8.7CVSS5.8AI score0.00098EPSS

Positive Technologies•added 3 days ago•5 views

PT-2026-48232

8.7CVSS5.5AI score0.00098EPSS

RedhatCVE•added 4 days ago•5 views

CVE-2026-46276

A flaw was found in the Linux kernel's amdgpu graphics driver. This vulnerability occurs when the driver attempts to initialize zero-sized graphics memory resources on certain RDNA4 GFX 12 hardware. If a specific debugging option CONFIGDRMDEBUGMM is enabled in the kernel configuration, this...

5.5AI score0.00024EPSS

Exploits0References4

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: Do not request stats with a stats buffer of size “0”. Sachin reported 1 that on a POWER-10 lpar, he is encountering a kernel panic when the paprscm probe is called. The panic occurs as follows, and it only occurs...

5.5CVSS6.2AI score0.00091EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...

5.7AI score0.00046EPSS

Exploits0References1

Amazon•added 2026/04/30 12:0 a.m.•12 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata CVE-2025-71265 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indxfind to avoid...

9.8CVSS6AI score0.00197EPSS

Exploits0

Tenable Nessus•added 2026/04/01 12:0 a.m.•3 views

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1515)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1515 advisory. In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class CVE-2025-71239 In the Linux kernel, the following vulnerability has been...

9.8CVSS5.8AI score0.0005EPSS

Exploits0References18

Microsoft CVE•added 2026/03/19 8:3 a.m.•2 views

fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST

...

OSV•added 2026/03/18 11:16 a.m.•2 views

Exploits0

UBUNTU-CVE-2025-71267

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...

UbuntuCve•added 2026/03/18 11:16 a.m.•0 views

Exploits0References10

CVE-2025-71267

Debian CVE•added 2026/03/18 10:5 a.m.•4 views

Exploits0References9

CVE-2025-71267

5.5CVSS5.3AI score0.00018EPSS

Exploits0

CVE•added 2026/03/18 10:5 a.m.•13 views

CVE-2025-71267

CVE-2025-71267 : In the Linux kernel ntfs3 file system, a flaw in ATTR_LIST handling can cause an infinite loop and DoS during mount. Specifically, when ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set to zero, memory is still allocated due to al_aligned(0), leaving ni->...

Exploits0References7Affected Software1

Tenable Nessus•added 2026/03/18 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-71267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS...

Snyk•added 2026/03/10 11:57 p.m.•6 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop in the FileTypeParser class. This is triggered when the ASF WMV/WMA parser receives input including an ASF sub-header with a size value of 0. An attacker can interrupt service with a 55-byte payload. Remediation Upgrade...

6.9CVSS5.8AI score0.00031EPSS