27 matches found
Denial-of-Service (DoS)
typo3/cms-backend is vulnerable to Denial-of-Service (DoS). The vulnerability is due to an uncaught exception in the Bookmark Toolbar, which allows administrator-level backend users to trigger a DoS condition in the backend user interface by saving manipulated data...
EUVD-2020-3425
Malware in sbrugna...
EUVD-2024-52836
Malicious code in bioql PyPI...
HAX CMS NodeJS Application Has Improper Error Handling That Leads to Denial of Service
Summary The HAX CMS NodeJS application crashes when an authenticated attacker provides an API request lacking required URL parameters. This vulnerability affects the listFiles and saveFiles endpoints. Details This vulnerability exists because the application does not properly handle exceptions...
CVE-2024-55653
PwnDoc is a penetration test report generator. In versions up to and including 0.5.3, an authenticated user is able to crash the backend by raising an UnhandledPromiseRejection on audits which exits the backend. The user doesn't need to know the audit id, since a bad audit id will also raise the...
CVE-2024-53240
In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt to stop the queues...
CVE-2024-55653 pwndoc's UnhandledPromiseRejection on audits causes Denial of Service (DoS)
PwnDoc is a penetration test report generator. In versions up to and including 0.5.3, an authenticated user is able to crash the backend by raising an UnhandledPromiseRejection on audits which exits the backend. The user doesn't need to know the audit id, since a bad audit id will also raise the...
CVE-2024-55653
CVE-2024-55653 affects the PwnDoc open-source tool, with versions up to and including 0.5.3. The root issue is an authentication-bypassable path that can raise an UnhandledPromiseRejection on audits, causing the backend to crash. This makes the entire application unresponsive and unusable for all...
PwnDoc Input Validation Error Vulnerability
PwnDoc is a penetration test report generator from the PwnDoc open source. An input validation error vulnerability exists in PwnDoc 0.5.3 and earlier versions, which stems from the fact that an authenticated user can crash the backend by raising an UnhandledPromiseRejection on an audit on the exi...
Important: kernel
Issue Overview: A flaw has been found in Xen. An unprivileged guest can cause Denial of Service (DoS) of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-46838 In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in...
Updated kernel-linus fixes security vulnerabilities and many bugs
Upstream version 6.6.14 with many bugfixes and at least the following security fixes: An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...
SUSE CVE-2009-3229
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory...
DEBIAN-CVE-2021-26931
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests such as out of memory conditions, it isn'...
UBUNTU-CVE-2020-10725
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity chec...
PostgreSQL -- Security Fixes for Regular Expressions, PL/Java.
PostgreSQL project reports: Security Fixes for Regular Expressions, PL/Java CVE-2016-0773: This release closes security hole CVE-2016-0773, an issue with regular expression (regex) parsing. Prior code allowed users to pass in expressions which included out-of-range Unicode characters, triggering a...
ISC BIND 'isselfsigned()' Denial of Service Vulnerability
BIND is a very widely used implementation of the DNS protocol. ISC BIND name.c is configured as a DNSSEC-verifiable recursive resolver, allowing remote attackers to construct domain data, query the domain name, and submit special requests that can crash the backend program...
postgresql: double-free after authentication timeout
A double-free flaw was found in the way PostgreSQL handled connections. An unauthenticated attacker could possibly exploit this flaw to crash the PostgreSQL backend by disconnecting at approximately the same time as the authentication time out was triggered...