Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

RHSA-2022:0827: Red Hat Security Advisory: .NET Core 3.1 security and bugfix update

An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-8927: brotli: buffer overflow when input chunk is larger than 2GiB * CVE-2022-24464: dotnet: ASP.NET Denial of Service via FormPipeReader * CVE-2022-24512: dotnet: double parser stack buffer overrun

Red Hat Security Data
#vulnerability#web#linux#red_hat#dos#nodejs#js#java#kubernetes
RHSA-2022:0830: Red Hat Security Advisory: .NET 5.0 security and bugfix update

An update for .NET 5.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-8927: brotli: buffer overflow when input chunk is larger than 2GiB * CVE-2022-24464: dotnet: ASP.NET Denial of Service via FormPipeReader * CVE-2022-24512: dotnet: double parser stack buffer overrun

RHSA-2022:0056: Red Hat Security Advisory: OpenShift Container Platform 4.10.3 security update

Red Hat OpenShift Container Platform release 4.10.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3121: gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation * CVE-2021-3749: nodejs-axios: Regular expression denial of service in trim function * CVE-2021-39226: grafana: Snapshot authentication bypass * CVE-2021-43813: grafana: directory traversal vulne...

CVE-2022-24741: Prevent loading images that would require too much memory. by fancycode · Pull Request #30291 · nextcloud/server

Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the server to allocate too much memory / CPU. It is recommended that the Nextcloud Server is upgraded to 21.0.8 , 22.2.4 or 23.0.1. Users unable to upgrade should disable preview generation with the `'enable_previews'` config flag.

CVE-2022-24741: Prevent loading images that would require too much memory. by fancycode · Pull Request #30291 · nextcloud/server

Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the server to allocate too much memory / CPU. It is recommended that the Nextcloud Server is upgraded to 21.0.8 , 22.2.4 or 23.0.1. Users unable to upgrade should disable preview generation with the `'enable_previews'` config flag.

CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-21975

Windows Hyper-V Denial of Service Vulnerability.

CVE-2022-21973

Windows Media Center Update Denial of Service Vulnerability.

CVE-2022-23253

Point-to-Point Tunneling Protocol Denial of Service Vulnerability.

CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability.