#dos

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: B&R Equipment: APROL Vulnerabilities: Inclusion of Functionality from Untrusted Control Sphere, Incomplete Filtering of Special Elements, Improper Control of Generation of Code ('Code Injection'), Improper Handling of Insufficient Permissions or Privileges , Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function, Exposure of Sensitive System Information to an Unauthorized Control Sphere, Exposure of Data Element to Wrong Session, Server-Side Request Forgery (SSRF), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), External Control of File Name or Path, Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute commands, elevate privileges, gather sensitive information, or alter the product. 3. TECHNICAL DETA...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: ACS880 Drives with IEC 61131-3 license Vulnerabilities: Improper Input Validation, Out-of-bounds Write, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain full access to the device or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ABB reports that the following low-voltage DC drive and power controller products contain a vulnerable version of CODESYS Runtime: ABB ACS880 Drives ACS880 Primary Control Program AINLX: Versions prior to v3.47 ABB ACS880 Drives ACS880 Primary Control Program YINLX: Versions prior to v1.30 ABB ACS880 Drives ACS880 IGBT Supply Control Program AISLX: Versions prior to v3.43 ABB ACS880 Drives ACS880 IGBT Supply Control Program ALHLX: Versions prior to v3.43 ABB ACS880 Drives ACS880 IGBT Supply...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: DCT880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3), DCT880 memory unit incl. Power Optimizer, DCS880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3), DCS880 memory unit incl. DEMag, DCS880 memory unit incl. DCC Vulnerabilities: Improper Input Validation, Out-of-bounds Write, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to trigger a denial-of-service condition or execute arbitrary code over the fieldbus interfaces. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ABB reports that the following low-voltage DC drive and power controller products contain a vulnerable version of the CODESYS Runtime: DCT880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3): All versions DCT880 memory unit incl. Pow...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Vulnerabilities: Null Pointer Dereference, Insufficient Resource Pool, Missing Synchronization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Hitachi Energy products are affected: RTU500 series CMU: Versions 12.0.1 - 12.0.14 (CVE-2024-10037) RTU500 series CMU: Versions 12.2.1 - 12.2.12 (CVE-2024-10037) RTU500 series CMU: Versions 12.4.1 - 12.4.11 (CVE-2024-10037) RTU500 series CMU: Versions 12.6.1 - 12.6.10 (CVE-2024-10037) RTU500 series CMU: Versions 12.7.1 - 12.7.7 (CVE-2024-10037) RTU500 series CMU: Versions 13.2.1 - 13.2.7 (CVE-2024-10037) RTU500 series CMU: Versions 13.4.1 - 13.4.4 (CVE-2024-10037, CVE-2024-11499, CVE-2024-12169) RTU500 series CMU: Versions 13.5.1 - 13.5.3 (CVE-2024-10037, CVE-2024-...

Cybersecurity researchers have disclosed details of a new vulnerability impacting Google's Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target's device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.

### Summary `image-size` is vulnerable to a Denial of Service vulnerability when processing specially crafted images. The issue occurs because of an infine loop in `findBox` when processing certain images with a box with size `0`. ### Details If the first bytes of the input does not match any bytes in `firstBytes`, then the package tries to validate the image using other handlers: ```js // https://github.com/image-size/image-size/blob/v1.2.0/lib/detector.ts#L20-L31 export function detector(input: Uint8Array): imageType | undefined { const byte = input[0] if (byte in firstBytes) { const type = firstBytes[byte] if (type && typeHandlers[type].validate(input)) { return type } } const finder = (key: imageType) => typeHandlers[key].validate(input) //<-- return keys.find(finder) } ``` Some handlers that call `findBox` to validate or calculate the image size are `jxl`, `heif` and `jp2`. `JXL` handler calls `findBox` inside `validate`. To reach the `findBox` ...

### Impact alizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/index.js. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. ### Patches The problem has been patched in 1.0.3 ### References https://github.com/advisories/GHSA-799q-f2px-wx8c

### Summary There is a `ReDoS vulnerability risk` in the system, specifically when administrators create `notification` through the web service(`pushdeer` and `whapi`). If a string is provided that triggers catastrophic backtracking in the regular expression, it may lead to a ReDoS attack. ### Details The regular expression` \/*$\` is used to match zero or more slashes `/` at the end of a URL. When a malicious attack string appends a large number of slashes `/` and a non-slash character at the end of the URL, the regular expression enters a backtracking matching process. During this process, the regular expression engine starts checking each slash from the first one, continuing until it encounters the last non-slash character. Due to the greedy matching nature of the regular expression, this process repeats itself, with each backtrack checking the next slash until the last slash is checked. This backtracking process consumes significant CPU resources. ```js .replace(/\/*$/, "") ``` Fo...

A prototype pollution in the component Module.mergeObjects (redoc/bundles/redoc.lib.js:2) of redoc <= 2.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.