Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

CVE-2021-40365

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.

CVE
#vulnerability#dos#js#pdf
GHSA-whgh-g24c-3j5q: hutool-json stack overflow vulnerability

A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.

GHSA-3vqj-43w4-2q58: hutool-json stack overflow vulnerability

A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.

CVE-2022-45690: Find a StackOverflowError which may lead to dos in hutool-json · Issue #2746 · dromara/hutool

A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.

CVE-2022-45688: Find a StackOverflowError which may lead to dos in hutool-json · Issue #2748 · dromara/hutool

A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.

CVE-2022-45685: Find a StackOverflowError in jettison · Issue #54 · jettison-json/jettison

A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.

CVE-2022-45693: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos · Issue #52 · jettison-json/jettison

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability

A critical security flaw has been disclosed in Amazon Elastic Container Registry (ECR) Public Gallery that could have been potentially exploited to stage a multitude of attacks, according to cloud security firm Lightspin. "By exploiting this vulnerability, a malicious actor could delete all images in the Amazon ECR Public Gallery or update the image contents to inject malicious code," Gafnit

CVE-2022-44682: Windows Hyper-V Denial of Service Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host.

Ubuntu Security Notice USN-5775-1

Ubuntu Security Notice 5775-1 - It was discovered that Vim uses freed memory in recursive substitution of specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. It was discovered that Vim makes illegal memory calls when patterns start with an illegal byte. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. It was discovered that Vim could be made to crash when parsing invalid line numbers. An attacker could possibly use this to crash Vim and cause denial of service.