Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

Ubuntu Security Notice USN-6420-1

Ubuntu Security Notice 6420-1 - It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

Packet Storm
#vulnerability#ubuntu#dos#perl
Gentoo Linux Security Advisory 202310-09

Gentoo Linux Security Advisory 202310-9 - Multiple vulnerabilities have been discovered in c-ares the worst of which could result in Denial of Service. Versions greater than or equal to 1.19.1 are affected.

Gentoo Linux Security Advisory 202310-05

Gentoo Linux Security Advisory 202310-5 - A vulnerability has been found in dav1d which could result in denial of service. Versions greater than or equal to 1.2.0 are affected.

High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security

Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO's ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. "An attacker could have leveraged these flaws to fully compromise the cloud infrastructure, remotely execute code, and leak all customer and device

RHSA-2023:5533: Red Hat Security Advisory: nodejs security, bug fix, and enhancement update

An update for nodejs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4904: A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. * CVE-2022-25881: A flaw was found in http-cache-se...

CVE-2023-45363: ⚓ T333050 RequestTimeoutException when querying pages redirected to other variants with redirects and converttitles set

An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set.

CVE-2023-45367: ⚓ T344923 User can store arbitrary number of rows in cu_useragent_clienthints

An issue was discovered in the CheckUser extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of rows in cu_useragent_clienthints, leading to a denial of service.

CVE-2023-44860: CVE/netis_N3/Improper Authentication Mechanism Leading to Denial-of-Service (DoS).md at main · adhikara13/CVE

An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service via the authorization component in the HTTP request.

CVE-2023-21253

In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.