SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2022:3692-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3692-1 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the ...
7.8CVSS
7.8AI Score
0.004EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2022-2542)
The remote host is missing an update for the Huawei...
7.5CVSS
7.8AI Score
0.01EPSS
EulerOS Virtualization 3.0.6.6 : yajl (EulerOS-SA-2022-2542)
According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an...
7.5CVSS
8.5AI Score
0.01EPSS
Arsenal - Recon Tool installer
Arsenal is a simple shell script (Bash) used to install the most important tools and requirements for your environment and save time in installing all these tools. Tools in Arsenal Name | description ---|--- Amass | The OWASP Amass Project performs network mapping of attack surfaces and external...
-0.5AI Score
SQLite3 addresses vulnerability in packaged version of libsqlite
Summary The rubygem sqlite3 v1.5.1 upgrades the packaged version of libsqlite from v3.39.3 to v3.39.4. libsqlite v3.39.4 addresses a vulnerability described as follows in the release notification: Version 3.39.4 is a minimal patch against the prior release that addresses issues found since the...
1.3AI Score
Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET...
8AI Score
0.037EPSS
Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port...
6.8AI Score
0.012EPSS
Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port...
6.6AI Score
0.012EPSS
Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port...
7AI Score
0.005EPSS
Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial of service (transition to the interrupt state) via a crafted packet to TCP port...
6.8AI Score
0.005EPSS
SUSE SLED15 / SLES15 Security Update : libyajl (SUSE-SU-2022:3162-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3162-1 advisory. yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of...
7.5CVSS
8.3AI Score
0.01EPSS
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.11.2)
The version of AOS installed on the remote host is prior to 5.11.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.11.2 advisory. Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of...
9.8CVSS
10AI Score
0.345EPSS
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.16)
The version of AOS installed on the remote host is prior to 5.16. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.16 advisory. Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of...
9.8CVSS
10AI Score
0.345EPSS
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.10.9)
The version of AOS installed on the remote host is prior to 5.10.9. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.10.9 advisory. Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of...
9.8CVSS
10AI Score
0.345EPSS
Price Reduction - Azure Spring Apps does more, costs less!
We believe in providing the most innovative cloud offerings at incredibly competitive prices. As we operate Azure Spring Apps, we continue to build efficiencies and economies of scale. We are passing those efficiencies to you. Many customers have asked us to lower the size of the base unit to...
0.6AI Score
Uncontrolled Resource Consumption in node-opcua
The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g....
7.5CVSS
2.1AI Score
0.001EPSS
Uncontrolled Resource Consumption in asyncua and opcua
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited...
7.5CVSS
3.4AI Score
0.001EPSS
Uncontrolled Resource Consumption in opcua
The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each)....
7.5CVSS
2.1AI Score
0.001EPSS
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an.....
7.5CVSS
6.8AI Score
0.003EPSS
The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each)....
7.5CVSS
7.4AI Score
0.001EPSS
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an.....
7.5CVSS
0.003EPSS
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an.....
7.5CVSS
7.4AI Score
0.003EPSS
The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each)....
7.5CVSS
0.001EPSS
The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g....
7.5CVSS
7.4AI Score
0.001EPSS
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited...
7.5CVSS
3.6AI Score
0.001EPSS
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited...
7.5CVSS
7.4AI Score
0.001EPSS
All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks...
7.5CVSS
0.001EPSS
All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks...
7.5CVSS
7.5AI Score
0.001EPSS
The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g....
7.5CVSS
0.001EPSS
The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g....
7.5CVSS
7.5AI Score
0.001EPSS
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited...
7.5CVSS
0.001EPSS
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an.....
7.5CVSS
7.5AI Score
0.003EPSS
The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each)....
7.5CVSS
7.5AI Score
0.001EPSS
CVE-2022-24381 Denial of Service (DoS)
All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks...
7.5CVSS
7.7AI Score
0.001EPSS
CVE-2022-25304 Denial of Service (DoS)
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited...
7.5CVSS
7.7AI Score
0.001EPSS
CVE-2022-25761 Denial of Service (DoS)
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an.....
7.5CVSS
7.7AI Score
0.003EPSS
CVE-2022-21208 Denial of Service (DoS)
The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g....
7.5CVSS
7.7AI Score
0.001EPSS
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited...
7.5CVSS
7.2AI Score
0.001EPSS
CVE-2022-25888 Denial of Service (DoS)
The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each)....
7.5CVSS
7.7AI Score
0.001EPSS
Fedora: Security Advisory for micro (FEDORA-2022-5038c3236c)
The remote host is missing an update for...
7.5AI Score
[SECURITY] Fedora 36 Update: micro-2.0.8-6.fc36
Micro is a terminal-based text editor that aims to be easy to use and intuitive, while also taking advantage of the full capabilities of modern terminals. It comes as one single, batteries-included, static binary with no dependencies, and you can download and use it right now. As the name...
AI Score
JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with a given memory...
9.8CVSS
9.7AI Score
0.001EPSS