Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

CVE-2022-1929: devcert ReDoS | XRAY-211352

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method

CVE
Open in Source
#dos#nodejs
CVE-2022-1797

A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online.

CVE-2022-24700: Hacking Ham Radio: WinAPRS – Part 1

** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in WinAPRS 2.9.0. A buffer overflow in DIGI address processing for VHF KISS packets allows a remote attacker to cause a denial of service (daemon crash) via a malicious AX.25 packet over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2021-33254: EmbedThis Appweb NPD Bug

An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function.

CVE-2021-42196: A NULL pointer dereference exists in the function traits_parse in abc.c · Issue #172 · matthiaskramm/swftools

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function traits_parse() located in abc.c. It allows an attacker to cause Denial of Service.

CVE-2021-42198: A NULL pointer dereference exists in the function swf_GetBits in rfxswf.c · Issue #168 · matthiaskramm/swftools

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause Denial of Service.

CVE-2021-42200: A NULL pointer dereference exists in the function main in swfdump.c · Issue #170 · matthiaskramm/swftools

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main() located in swfdump.c. It allows an attacker to cause Denial of Service.

CVE-2021-42202: A NULL pointer dereference exists in the function swf_DeleteFilter in swffilter.c · Issue #171 · matthiaskramm/swftools

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function swf_DeleteFilter() located in swffilter.c. It allows an attacker to cause Denial of Service.

CVE-2021-43306: jquery-validation ReDoS | XRAY-211348

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method

Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks

As ransomware infections have evolved from purely encrypting data to schemes such as double and triple extortion, a new attack vector is likely to set the stage for future campaigns. Called Ransomware for IoT or R4IoT by Forescout, it's a "novel, proof-of-concept ransomware that exploits an IoT device to gain access and move laterally in an IT [information technology] network and impact the OT [