
449 matches found

Cvelist
added 2023/06/30 6:43 p.m., 30 views

CVE-2023-36810 Quadratic runtime with malformed PDF missing xref marker in pypdf

pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a single core of t...

CVSS 6.2, AI score 6.5, EPSS 0.00568
Exploits: 1, References: 4

Debian CVE
added 2023/06/30 6:43 p.m., 15 views

CVE-2023-36810

pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a single core of t...

CVSS 6.5, AI score 6.3, EPSS 0.00568
Exploits: 1

Vulnrichment
added 2023/06/30 6:38 p.m., 11 views

CVE-2023-36807 Infinite Loop when reading malformed objects in pypdf

pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single co...

CVSS 6.2, AI score 6.5, EPSS 0.00521
Exploits: 1, References: 3

Tenable Nessus
added 2023/06/29 12:00 a.m., 29 views

SUSE SLES12 Security Update : kernel (Live Patch 34 for SLE 12 SP4) (SUSE-SU-2023:2666-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2666-1 advisory. - A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipc_link_xmit hits an unknown...

CVSS 7.8, AI score 6.5, EPSS 0.05095
Exploits: 0, References: 7

Tenable Nessus
added 2023/06/29 12:00 a.m., 29 views

SUSE SLES12 Security Update : kernel (Live Patch 33 for SLE 12 SP4) (SUSE-SU-2023:2690-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2690-1 advisory. - A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipc_link_xmit hits an unknown...

CVSS 7.8, AI score 6.5, EPSS 0.05095
Exploits: 0, References: 7

F5 Networks
added 2023/06/26 8:25 p.m., 35 views

K000135242: Linux kernel vulnerability CVE-2023-1390

Security Advisory Description: A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer...

CVSS 7.5, AI score 5.9, EPSS 0.05095
Exploits: 0

Tenable Nessus
added 2023/06/23 12:00 a.m., 14 views

F5 Networks BIG-IP : BIG-IP TMM SSL vulnerability (K000133132)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5 / 16.1.2.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K000133132 advisory. - When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU ...

CVSS 5.3, AI score 5.8, EPSS 0.00557
Exploits: 0, References: 2

CNVD
added 2023/05/09 12:00 a.m., 17 views

F5 BIG-IP Resource Management Error Vulnerability

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. F5 BIG-IP suffers from a resource management error vulnerability that originates from uncontrolled resource consumption by an...

CVSS 5.3, AI score 6.8, EPSS 0.00557
Exploits: 0, References: 1

NVD
added 2023/05/03 3:15 p.m., 13 views

CVE-2023-24594

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 5.3, AI score 5.2, EPSS 0.00557
Exploits: 0, References: 1

Prion
added 2023/05/03 3:15 p.m., 18 views

Code injection

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 5, AI score 5.3, EPSS 0.00557
Exploits: 0, References: 1, Affected Software: 20

Vulnrichment
added 2023/05/03 2:31 p.m., 7 views

CVE-2023-24594 BIG-IP TMM SSL vulnerability

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 5.3, AI score 5.3, EPSS 0.00557
Exploits: 0, References: 1

CVE
added 2023/05/03 2:31 p.m., 57 views

CVE-2023-24594

CVE-2023-24594 affects F5 BIG-IP: when an SSL profile is configured on a Virtual Server, undisclosed traffic can cause increased CPU/SSL accelerator resource utilization (data-plane DoS). Affected BIG-IP branches include 17.x (fix: 17.0.0), 16.x (fix: 16.1.2.1), 15.x (fix: 15.1.5), 14.x (fix: 14....

CVSS 5.3, AI score 5.6, EPSS 0.00557
Exploits: 0, References: 1, Affected Software: 20

Cisco
added 2023/03/22 4:00 p.m., 39 views

Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability

A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of...

CVSS 7.4, AI score 6.7, EPSS 0.00303
Exploits: 0, References: 1

OSV
added 2023/03/16 9:15 p.m., 7 views

CVE-2023-1390

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

CVSS 7.5, AI score 7.1
Exploits: 0, References: 4

NVD
added 2023/03/16 9:15 p.m., 18 views

CVE-2023-1390

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

CVSS 7.5, AI score 7.1, EPSS 0.05095
Exploits: 0, References: 4

Prion
added 2023/03/16 9:15 p.m., 29 views

Race condition

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

CVSS 5, AI score 6.9, EPSS 0.05095
Exploits: 0, References: 4, Affected Software: 1

CNNVD
added 2023/03/16 12:00 a.m., 2 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation. A security vulnerability exists in the Linux kernel, which stems from a problem with the while loop in tipc_link_xmit when trying to parse a SKB that is not in a queue, and can be exploited to cause ...

CVSS 7.5, AI score 6.3, EPSS 0.05095
Exploits: 0, References: 16

Debian CVE
added 2023/03/16 12:00 a.m., 40 views

CVE-2023-1390

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

CVSS 7.5, AI score 6.2, EPSS 0.05095
Exploits: 0

RedhatCVE
added 2023/03/14 3:19 p.m., 46 views

CVE-2023-1390

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

CVSS 7.5, AI score 6.9, EPSS 0.05095
Exploits: 0, References: 5

F5 Networks
added 2023/02/21 6:53 p.m., 17 views

K25691186: BIG-IP Configuration utility vulnerability CVE-2020-27715

Security Advisory Description Crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon. CVE-2020-27715 Impact Unable to access the affected BIG-IP system's Configuration utility. Security Advisory Status F5 Product Development has...

CVSS 7.8, AI score 7.4, EPSS 0.0105
Exploits: 0, Affected Software: 11