CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3.

Valid

Reported on

May 20th 2022

**Steps to reproduce:**

1.  As an admin, start a new conversation with any member(normal user)
2.  If the member(normal user) reply with a text of huge characters, (more than crores, etc)the admin may not able to access the dash board and its get started lagging, because the server get DOS

**POC Screenshot:**

\[

**POC Video:**

https://www.mediafire.com/file/tzfqws14imvdfxr/trudesk_dos.mov/file

**Patch recommendation:**

1.  Limit the characters to max (5000 or 10000)

**Impact**

1.  Denial of service

Headline

CVE-2022-1926: Allocation of Resources Without Limits in in trudesk

CVE: Latest News