Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

CVE-2023-24898: Windows SMB Denial of Service Vulnerability

**What version of Windows Server 2022 is affected by this vulnerability?** This vulnerability only affects the hotpatch version of Windows Server 2022. If you are not running this version of the operating system, no action is required for this vulnerability.

Microsoft Security Response Center
Open in Source
#vulnerability#web#windows#microsoft#dos#samba#Windows SMB#Security Vulnerability
CVE-2023-24940: Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation: The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. You can check to see if there is a service running named **Message Queuing** and TCP port 1801 is listening on the machine.

CVE-2021-31239: Vulnerabilities/CVE-2021-31239 at main · Tsiming/Vulnerabilities

An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function.

CVE-2022-48389

In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE-2023-28194: About the security content of iOS 16.4 and iPadOS 16.4

The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen

CVE-2023-28190: About the security content of macOS Ventura 13.3

A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data

CVE-2023-30092: GitHub - nawed20002/CVE-2023-30092

SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter.

Ubuntu Security Notice USN-6061-1

Ubuntu Security Notice 6061-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Ubuntu Security Notice USN-6055-2

Ubuntu Security Notice 6055-2 - USN-6055-1 fixed a vulnerability in Ruby. Unfortunately it introduced a regression. This update reverts the patches applied to CVE-2023-28755 in order to fix the regression pending further investigation. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.

Debian Security Advisory 5398-1

Debian Linux Security Advisory 5398-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.