Tag

#dos

Ubuntu Security Notice USN-5126-1

Ubuntu Security Notice 5126-1 - Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame cache when processing responses. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service.

Packet Storm
#vulnerability #ubuntu #dos

GRAudit Grep Auditing Tool 3.2

Graudit is a simple script and signature sets that allow you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

WebCTRL OEM 6.5 Cross Site Scripting

WebCTRL OEM version 6.5 suffers from a cross site scripting vulnerability.

WordPress NextScripts: Social Networks Auto-Poster 4.3.20 XSS

WordPress NextScripts: Social Networks Auto-Poster plugin versions 4.3.20 and below suffer from a cross site scripting vulnerability.

Movable Type 7 r.5002 XMLRPC API Remote Command Injection

This Metasploit module exploits an XML-RPC API OS command injection vulnerability in Movable Type 7 version r.5002.

Android NFC Type Confusion

Android NFC suffers from a type confusion vulnerability due to a race condition during a tag type change.

Red Hat Security Advisory 2021-3915-01

Red Hat Security Advisory 2021-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

CVE-2021-41186: fluentd/CHANGELOG.md at master · fluent/fluentd

Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken Apache log line containing a certain string pattern can cause a regular expression to spend too much time matching, resulting in the potential for a DoS attack. This issue is patched in version 1.14.2. There are two workarounds available. Either don't use parser_apache2 for parsing logs that cannot be guaranteed to have been generated by Apache, or put a patched version of parser_apache2.rb into the /etc/fluent/plugin directory (or any other directory specified by the environment variable `FLUENT_PLUGIN` or the `--plugin` option of fluentd).