Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

CVE-2023-42189: [BUG] KeySetRemove Command returns SUCCESS status code when GroupKeySetID 0 is being removed · Issue #28518 · project-chip/connectedhomeip

Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denial of service via a crafted script to the KeySetRemove function.

CVE
#vulnerability#ios#google#dos#git#c++#auth
CVE-2023-5462

A vulnerability was found in XINJE XD5E-30R-E 3.5.3b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Modbus Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-241585 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2023-44821

Buffer Overflow vulnerability in gifsicle v.1.92 allows a remote attacker to cause a denial of service via the --crop parameter in the command line parameters.

CVE-2023-5459: DELTA DVP32ES2 PLC device denial of service vulnerability – Google Drive

A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. VDB-241582 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Hackers Send Fake Rocket Alerts to Israelis via Hacked Red Alert App

By Waqas The Red Alert App is available on iOS; however, its Android version has been removed for unknown reasons This is a post from HackRead.com Read the original post: Hackers Send Fake Rocket Alerts to Israelis via Hacked Red Alert App

Ubuntu Security Notice USN-6421-1

Ubuntu Security Notice 6421-1 - It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service.

Ubuntu Security Notice USN-6420-1

Ubuntu Security Notice 6420-1 - It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

Gentoo Linux Security Advisory 202310-09

Gentoo Linux Security Advisory 202310-9 - Multiple vulnerabilities have been discovered in c-ares the worst of which could result in Denial of Service. Versions greater than or equal to 1.19.1 are affected.

Gentoo Linux Security Advisory 202310-05

Gentoo Linux Security Advisory 202310-5 - A vulnerability has been found in dav1d which could result in denial of service. Versions greater than or equal to 1.2.0 are affected.

High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security

Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO's ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. "An attacker could have leveraged these flaws to fully compromise the cloud infrastructure, remotely execute code, and leak all customer and device