
Tag

#dos

Red Hat Security Advisory 2022-7066-01

Red Hat Security Advisory 2022-7066-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Issues addressed include a denial of service vulnerability.

Packet Storm
Red Hat Security Advisory 2022-7072-01

Red Hat Security Advisory 2022-7072-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Issues addressed include a denial of service vulnerability.

CVE-2022-34439: DSA-2022-245: Dell EMC PowerScale OneFS Security Update for Multiple Security Updates

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x, contain an Allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issues on that node.

CVE-2022-3647: Avoid crash on crash report when a bad function pointer was called (#… · redis/redis@0bf90d9

A vulnerability, which was classified as problematic, was found in Redis. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The name of the patch is 0bf90d944313919eb8e63d3588bf63a367f020a3. It is recommended to apply a patch to fix this issue. VDB-211962 is the identifier assigned to this vulnerability.

CVE-2022-3627: Merge branch 'tiffcrop_fix_#411_#413' into 'master' (236b7191) · Commits · libtiff / libtiff · GitLab

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.

CVE-2022-3598: 2022/CVE-2022-3598.json · master · GitLab.org / cves · GitLab

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.

CVE-2022-3599: Merge branch 'InkNames_NumberOfInks_handling_revised' into 'master' (e8131125) · Commits · libtiff / libtiff · GitLab

LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.

CVE-2022-3626: 2022/CVE-2022-3626.json · master · GitLab.org / cves · GitLab

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.

CVE-2022-3597: tiffcrop: heap-buffer-overflow in _TIFFmemcpy, tif_unix.c:346 (different from #411) (#413) · Issues · libtiff / libtiff · GitLab

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.

Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware

A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. "The attacker intends to utilize a victim's resources as much as possible, not only to install RAR1Ransom for extortion, but also to spread GuardMiner to collect cryptocurrency," Fortinet FortiGuard Labs researcher Cara Lin said