16 matches found
MongoDB 6.0.x < 6.0.17 / 7.0.x < 7.0.13 / 7.3.x < 7.3.4 incorrect enforcement of index constraints (SERVER-92382)
The version of MongoDB installed on the remote host is prior to 6.0.17, 7.0.13 and 7.3.4. It is, therefore, affected by a vulnerability as referenced in the SERVER-92382 advisory. - PrepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries...
MongoDB DoS Vulnerability (SERVER-92382) - Linux
MongoDB is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
CVE-2024-8305
CVE-2024-8305 affects MongoDB Server: 6.0 before 6.0.17, 7.0 before 7.0.13, and 7.3 before 7.3.4. The issue arises from prepareUnique index enforcement on secondaries, which can cause secondaries to crash and, in extreme cases, result in a loss of primaries. The available connected details specif...
MongoDB Server secondaries may crash due to forced index constraints
A prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries; in extreme cases, multiple secondaries may crash, leading to no primaries. This issue affects MongoDB Server v6.0 versions prior to 6.0.17, MongoDB Server v7.0 version...
CVE-2024-28870
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in ale...
CVE-2024-28870
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in ale...
CVE-2024-28870 Suricata uses excessive resource use in malformed ssh traffic parsing
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in ale...
CVE-2024-28870
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in ale...
Suricata Security Vulnerability
Suricata is a network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine developed by the Open Information Security Foundation (OISF) and its supporting vendors, which supports multi-threading, built-in IPv6, and the ability to load...
SUSE CVE-2022-35977
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORT(_RO) commands can trigger an integer overflow, resulting in Redis attempting to allocate impossible amounts of memory and aborting with an out-of-memory (OOM) panic. The problem is fixe...
GSD-2023-1000481 fs/ntfs3: Validate attribute name offset
fs/ntfs3: Validate attribute name offset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.17 by commit...
PT-2023-33558 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.17 Description: The issue is related to the validation of attribute name offset in the fs/ntfs3 component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kern...
PT-2023-33533 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0.17 Description: A potential issue in the Linux Kernel may cause a crash in mempool free. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior t...
PT-2023-33568 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.17 Description: A potential security issue has been identified in the Linux Kernel, related to the fs/ntfs3 module. The issue concerns the attr_load_runs_vcn function, where a null pointer check has been...
SeedDMS Path Traversal Vulnerability
SeedDMS (formerly known as LetoDMS and MyDMS) is an open source document management system based on PHP and MySQL. The system is mainly used for storing and sharing documents. A security vulnerability exists in SeedDMS version 6.0.17 and version 5.1.24, which is caused by a directory travers...
CVE-2019-10067
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the contex...