Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

Red Hat Security Advisory 2023-3771-01

Red Hat Security Advisory 2023-3771-01 - The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. Issues addressed include bypass, denial of service, and null pointer vulnerabilities.

Packet Storm
#vulnerability#web#mac#linux#red_hat#dos#js#intel#perl
Red Hat Security Advisory 2023-3741-01

Red Hat Security Advisory 2023-3741-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.

Debian Security Advisory 5435-1

Debian Linux Security Advisory 5435-1 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in information disclosure or denial of service.

Red Hat Security Advisory 2023-3722-01

Red Hat Security Advisory 2023-3722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer over-read and denial of service vulnerabilities.

CVE-2023-20895: VMSA-2023-0014

The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.

SpiderControl SCADAWebServer

1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: SpiderControl Equipment: SCADAWebServer Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SCADAWebServer are affected: SCADAWebServer: Versions 2.08 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22 SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting system files and creating a denial-of-service condition. CVE-2023-3329 has been assigned to this vulnerability. A CVSS v3 base score of 4.9 has been calculated; the CVSS vecto...

GHSA-j8xg-fqg3-53r7: word-wrap vulnerable to Regular Expression Denial of Service

All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.

CVE-2023-26115: Snyk Vulnerability Database | Snyk

All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.

GHSA-fqhp-rhm6-8rrj: urlnorm vulnerable to Regular Expression Denial of Service

The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service (ReDos) via a crafted URL to lib.rs.

CVE-2023-33289: Public disclosure of vulnerability inside the urlnorm crate through 0.1.4 for Rust

The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service (ReDos) via a crafted URL to lib.rs.