Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

CVE-2021-28025: Out of bounds read in function `QRadialFetchSimd<QSimdSse2>::fetch` when input craft svg file

Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service (DoS).

CVE
Open in Source
#vulnerability#dos
CVE-2020-28840: heap-buffer-overflow on process_COM in jpgfile.c:51

Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead version 3.04, allows local attackers to execute arbitrary code and cause a denial of service (DoS).

CVE-2020-27514: Arbitrary File Deletion Vulnerability in com.zrlog.web.controller.admin.api.TemplateController#delete · Issue #66 · 94fzb/zrlog

Directory Traversal vulnerability in delete function in admin.api.TemplateController in ZrLog version 2.1.15, allows remote attackers to delete arbitrary files and cause a denial of service (DoS).

CVE-2021-29057: timeout isn't safe. Potential DDOS issue · Issue #20 · SUCHMOKUO/node-worker-threads-pool

An issue was discovered in StaticPool in SUCHMOKUO node-worker-threads-pool version 1.4.3, allows attackers to cause a denial of service.

CVE-2020-35141: Suggestion for OFPQueueGetConfigReply parser with queue.len=0 · Issue #118 · faucetsdn/ryu

An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).

Ubuntu Security Notice USN-6278-2

Ubuntu Security Notice 6278-2 - USN-6278-1 fixed several vulnerabilities in .NET. This update provides the corresponding updates for Ubuntu 22.04 LTS. It was discovered that .NET did properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code execution.

15 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks

A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments. The flaws, tracked from CVE-2022-47379 through CVE-2022-47393 and dubbed CoDe16, carry a CVSS score of 8.8 with the exception of

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched security flaw in Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-38180 (CVSS score: 7.5), the high-severity flaw relates to a case denial-of-service (DoS) impacting .NET and Visual Studio. It

CVE-2023-22276

Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access.