Atlassian Confluence 7.19.x < 7.19.26 / 7.20.x < 8.5.12 / 8.6.x < 8.9.4 / 9.0.x < 9.0.1 (CONFSERVER-98481)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98481 advisory. - An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted...

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : libsoup3 vulnerabilities (USN-7127-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7127-1 advisory. It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : libsoup vulnerabilities (USN-7126-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7126-1 advisory. It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could...

The vulnerability of the Ivanti Avalanche device management system, related to executing a loop with an unavailable exit condition, allows a intruder to trigger a service failure.

The vulnerability of the Ivanti Avalanche device management system lies in the execution of a cycle with an unavailable exit condition. Exploiting this vulnerability allows a remote attacker to cause a service failure...

Fedora: Security Advisory (FEDORA-2024-a059ea1dfc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Astra Linux – Vulnerability in Python 3.11

There is a HIGH-severity vulnerability affecting the CPython “zipfile” module, specifically the “zipfile.Path” class. It should be noted that the more commonly used API “zipfile.ZipFile” class is not affected by this vulnerability. When iterating over the names of entries in a zip archive for...

SUSE CVE-2024-11612

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on th...

DEBIAN-CVE-2024-11612

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on th...

CVE-2024-11612

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on th...

CVE-2024-11612

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on th...

UBUNTU-CVE-2024-11612

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on th...

CVE-2024-11612

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on th...

CVE-2024-11612 7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on th...

CVE-2024-11612

CVE-2024-11612 describes a DoS in 7-Zip caused by a logic error during stream processing in CopyCoder, leading to an infinite loop. The vulnerability is exploitable remotely and requires interaction with the library, with attack vectors varying by implementation. Connected sources confirm the fla...

CVE-2024-11612 7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on th...

OESA-2024-2471 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations...

7-Zip 安全漏洞

7-Zip is a compression software from the 7-Zip open source. A security vulnerability exists in 7-Zip that stems from a logic error when processing streams, which could lead to an infinite loop that creates a denial of service condition...

org.apache.commons:commons-compress Dependency in Confluence Data Center and Server

This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 7.14 of Confluence Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...

org.apache.commons:commons-compress Dependency in Bamboo Data Center and Server

This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0 of Bamboo Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector o...

CVE-2024-11595

FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file...