Security
Headlines
HeadlinesLatestCVEs

Tag

#dos

CVE-2022-31110

RSSHub is an open source, extensible RSS feed generator. In commits prior to 5c4177441417 passing some special values to the `filter` and `filterout` parameters can cause an abnormally high CPU. This results in an impact on the performance of the servers and RSSHub services which may lead to a denial of service. This issue has been fixed in commit 5c4177441417 and all users are advised to upgrade. There are no known workarounds for this issue.

CVE
Open in Source
#vulnerability#dos#git#ssh
Pro-Russia Killnet Group Hit Top Lithuanian websites with Massive DDoS Attacks

By Deeba Ahmed The attack seems to be a retaliatory effort from Killnet following the diplomatic tensions between the two countries.… This is a post from HackRead.com Read the original post: Pro-Russia Killnet Group Hit Top Lithuanian websites with Massive DDoS Attacks

The Link Between AWM Proxy & the Glupteba Botnet

On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy -- a 14-year-old anonymity service that rents hacked PCs to cybercriminals -- suddenly went offline. Security experts had long seen a link between Glupteba and AWM Proxy, but new research shows AWM Proxy's founder is one of the men being sued by Google.

CVE-2021-3779: CVE-2021-3779: Ruby-MySQL Gem Client File Read (FIXED)

A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later.

AnyDesk 7.0.9 Arbitrary File Write / Denial Of Service

AnyDesk version 7.0.9 suffers from an arbitrary file write vulnerability via a symlink attack.

Ubuntu Security Notice USN-5495-1

Ubuntu Security Notice 5495-1 - Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. Harry Sintonen discovered that curl incorrectly handled certain HTTP compressions. An attacker could possibly use this issue to cause a denial of service. Harry Sintonen incorrectly handled certain file permissions. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS.

CVE-2021-40609: heap-buffer-overflow in MP4BOX at souce file src/isomedia/hint_track.c:46 · Issue #1894 · gpac/gpac

The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

CVE-2021-40944: Null pointer reference in GPAC at src/filter_core/filter_pid.c:5394 · Issue #1906 · gpac/gpac

In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS).

CVE-2021-40608: BUG : free on unknown addrees in MP4BOX at gf_hinter_track_finalize media_tools/isom_hinter.c:956 · Issue #1883 · gpac/gpac

The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

CVE-2021-40607: BUG: heap-buffer-overflow in MP4Box at src/isomedia/schm_box_size:179 · Issue #1879 · gpac/gpac

The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.