Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

CVE-2022-34293: Release wolfSSL Release 5.4.0 (July 11, 2022) · wolfSSL/wolfssl

wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped.

CVE
Open in Source
#vulnerability#mac#windows#linux#dos#c++#perl#ldap#amd#ssh#ruby#ssl
Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War

A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams.

CVE-2022-35488: Security Advisory ZAA-2022-05 | Zammad

In Zammad 5.2.0, an attacker could manipulate the rate limiting in the 'forgot password' feature of Zammad, and thereby send many requests for a known account to cause Denial Of Service by many generated emails which would also spam the victim.

New Orchard Botnet Uses Bitcoin Founder’s Account Info to Generate Malicious Domains

A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto's account transaction information to generate domain names to conceal its command-and-control (C2) infrastructure. "Because of the uncertainty of Bitcoin transactions, this technique is more unpredictable than using the common time-generated [domain generation algorithms], and thus more difficult to defend

Patch now! Cisco VPN routers are vulnerable to remote control

Cisco has released a security advisory about some serious security vulnerabilities in multiple Cisco small business VPN routers. The post Patch now! Cisco VPN routers are vulnerable to remote control appeared first on Malwarebytes Labs.

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai,"

Patch now! Cisco VPN routers are vulnerable to remote control

Categories: Exploits and vulnerabilities Categories: News Tags: Cisco Tags: VPN routers Tags: CVE-2022-20842 Tags: CVE-2022-20827 Tags: CVE-2022-20841 Tags: input validation Cisco has released a security advisory about some serious security vulnerabilities in multiple Cisco small business VPN routers. (Read more...) The post Patch now! Cisco VPN routers are vulnerable to remote control appeared first on Malwarebytes Labs.

GHSA-7xr3-6ggc-wc9p: untangle before 1.2.1 vulnerable to XML Entity Expansion

### Impact An attacker may be able to cause a denial-of-service (DoS) condition on the server on which the product is running. This affects untangle versions up to and including 1.2.0 ### Patches The problem has been fixed with version 1.2.1 ### Workarounds None ### References https://jvn.jp/en/jp/JVN30454777/ ### For more information If you have any questions or comments about this advisory: * Open an [issue](https://github.com/stchris/untangle/issues)

CVE-2022-27185: TALOS-2022-1505 || Cisco Talos Intelligence Group

A denial of service vulnerability exists in the confctl_set_master_wlan functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability.

CVE-2022-27660: TALOS-2022-1502 || Cisco Talos Intelligence Group

A denial of service vulnerability exists in the confctl_set_guest_wlan functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability.