Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

CVE-2021-32844: Various fixes by fredericdalleau · Pull Request #313 · moby/hyperkit

HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, ` vi_pci_write` has is a call to `vc_cfgwrite` that does not check for null which when called makes the host crash. This issue may lead to a guest crashing the host causing a denial of service. This issue is fixed in commit 451558fe8aaa8b24e02e34106e3bb9fe41d7ad13.

CVE
Open in Source
#mac#dos#git
CVE-2023-21593: Adobe Security Bulletin

Adobe InDesign versions ID18.1 (and earlier) and ID17.4 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2023-24785: PeaZip / Tickets / #734 found denial of service attack (DoS)

An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a denial of service via the End of Archive tag function of the peazip/pea UNPEA feature.

CVE-2021-3172: #2351 - User IP fixes, and Poll Voting form token to 1 count per scre… · PHPFusion/PHPFusion@7b8df69

An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a Distributed Denial of Service via the Polling feature.

CVE-2022-43929: IBM® Db2® may be vulnerable to a denial of service when executing a specially crafted 'Load' command. (CVE-2022-43929)

IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.

CVE-2022-47986: IBM Aspera Faspex 4.4.2 PL2 has addressed multiple vulnerabilities (CVE-2022-28330, CVE-2023-22868, CVE-2022-30556, CVE-2022-31813, CVE-2022-30522, CVE-2022-47986, CVE-2022-28615, CVE-2022-26377, CVE-

IBM Aspera Faspex 4.4.1 could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2. IBM X-Force ID: 243512.

Red Hat Security Advisory 2023-0577-01

Red Hat Security Advisory 2023-0577-01 - This release of Red Hat build of Eclipse Vert.x 4.3.7 GA includes security updates. For more information, see the release notes listed in the References section. Issues addressed include a denial of service vulnerability.

GHSA-vvpx-j8f3-3w6h: Uncontrolled Resource Consumption

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

GHSA-qgc7-mgm3-q253: Uncontrolled Resource Consumption

An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.

⚡Top Cybersecurity News Stories This Week — Cybersecurity Newsletter

Hey 👋 there, cyber friends! Welcome to this week's cybersecurity newsletter, where we aim to keep you informed and empowered in the ever-changing world of cyber threats. In today's edition, we will cover some interesting developments in the cybersecurity landscape and share some insightful analysis of each to help you protect yourself against potential attacks. 1. Apple 📱 Devices Hacked with