Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

Ubuntu Security Notice USN-6862-1

Ubuntu Security Notice 6862-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code.

Packet Storm
#vulnerability#web#ubuntu#dos#java#perl#firefox
Ubuntu Security Notice USN-6860-1

Ubuntu Security Notice 6860-1 - Reynir Bjoernsson discovered that OpenVPN incorrectly handled terminating client connections. A remote authenticated client could possibly use this issue to keep the connection active, bypassing certain security policies. This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS. Reynir Bjoernsson discovered that OpenVPN incorrectly handled certain control channel messages with nonprintable characters. A remote attacker could possibly use this issue to cause OpenVPN to consume resources, or fill up log files with garbage, leading to a denial of service.

Red Hat Security Advisory 2024-4271-03

Red Hat Security Advisory 2024-4271-03 - Red Hat AMQ Broker 7.12.1 is now available from the Red Hat Customer Portal. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-4260-03

Red Hat Security Advisory 2024-4260-03 - An update for python-idna is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-4259-03

Red Hat Security Advisory 2024-4259-03 - An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-4252-03

Red Hat Security Advisory 2024-4252-03 - An update for nghttp2 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

What’s new in the MSRC Report Abuse Portal and API

The Microsoft Security Response Center (MSRC) has always been at the forefront of addressing cyber threats, privacy issues, and abuse arising from Microsoft Online Services. Building on our commitment, we have introduced several key updates to the Report Abuse Portal and API, which will significantly improve the way we handle and respond to abuse reports.

Red Hat Security Advisory 2024-4210-03

Red Hat Security Advisory 2024-4210-03 - An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.9 for RHEL 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-4209-03

Red Hat Security Advisory 2024-4209-03 - An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.2 for RHEL 8. Issues addressed include a denial of service vulnerability.

ICONICS and Mitsubishi Electric Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.0 ATTENTION: Exploitable remotely Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite Vulnerabilities: Allocation of Resources Without Limits or Throttling, Improper Neutralization, Uncontrolled Search Path Element, Improper Authentication, Unsafe Reflection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in denial of service, improper privilege management, or potentially remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ICONICS reports that the following versions of ICONICS Product Suite are affected: ICONICS Suite including GENESIS64, Hyper Historian, AnalytiX, and MobileHMI: Version 10.97.2 (CVE-2022-2650, CVE-2023-4807) AlarmWorX Multimedia (AlarmWorX64 MMX): All versions prior to 10.97.3 (CVE-2024-1182) MobileHMI: All versions prior to 10.97.3 (CVE-2024-1573) ICONICS Suite including GENESIS64, Hyper Historian, AnalytiX, and MobileHMI: All versions prior to 10.97.3 (CVE-2024-...