#dos

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Siemens  Equipment: SCALANCE XCM332  Vulnerabilities: Allocation of Resources Without Limits or Throttling, Use After Free, Concurrent Execution Using Shared Resource with Improper Synchronization ('Race Condition'), Incorrect Default Permissions, Out-of-bounds Write, and Improper Validation of Syntactic Correctness of Input  2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a denial-of-service condition, code execution, data injection, and allow unauthorized access.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following software from Siemens is affected:  SCALANCE XCM332 (6GK5332-0GA01-2AC2): Versions prior to 2.2  3.2 VULNERABILITY OVERVIEW 3.2.1 ALLOCATION OF RESOURCES WITHOUT LIMITS OR THROTTLING CWE-770  In versions of libtirpc prior to 1.3.3rc1, remote attackers could exhaust the file descriptors of a process using libtirpc due to mishandling of idle TC...

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Mitsubishi Electric India  Equipment: GC-ENET-COM  Vulnerability: Signal Handler Race Condition   2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a communication error and may result in a denial-of-service condition.   3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Mitsubishi Electric India Ethernet communication Extension unit GC-ENET-COM, are affected:  Mitsubishi Electric India GC-ENET-COM: Models with the beginning serial number 16XXXXXXXXX.  3.2 VULNERABILITY OVERVIEW 3.2.1 SIGNAL HANDLER RACE CONDITION CWE-364  A vulnerability exists in the Ethernet communication Extension unit (GC-ENET-COM) of GOC35 series due to a signal handler race condition. If a malicious attacker sends a large number of specially crafted packets, communication errors could occur and could result in a denial-of-service condition when GC-ENET-COM is configured a...

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Siemens  Equipment: SIPROTEC 5 Devices  Vulnerability: NULL Pointer Dereference  2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition of the target device.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following software from Siemens is affected:  SIPROTEC 5 6MD85 (CP200): All versions (v)  SIPROTEC 5 6MD85 (CP300): All versions prior to v9.40  SIPROTEC 5 6MD86 (CP200): All versions  SIPROTEC 5 6MD86 (CP300): All versions prior to v9.40  SIPROTEC 5 6MD89 (CP300): All versions  SIPROTEC 5 6MU85 (CP300): All versions prior to v9.40  SIPROTEC 5 7KE85 (CP200): All versions  SIPROTEC 5 7KE85 (CP300): All versions prior to v9.40  SIPROTEC 5 7SA82 (CP100): All versions  SIPROTEC 5 7SA82 (CP150): All versions prior to v9.40  SIPROTEC 5 7SA84 (CP200): All versions  SIPROTEC 5 7SA86 (CP200): All versions  SIPROTEC 5 7SA86 (CP300): All versions pr...

OpenAI, the company behind the massively popular ChatGPT AI chatbot, has launched a bug bounty program in an attempt to ensure its systems are "safe and secure." To that end, it has partnered with the crowdsourced security platform Bugcrowd for independent researchers to report vulnerabilities discovered in its product in exchange for rewards ranging from "$200 for low-severity findings to up to

A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.

Ubuntu Security Notice 6013-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.