11149 matches found

OSV
added 2024/11/15 10:15 p.m. · 2 views

CVE-2017-13313

In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for...

CVSS 6.5 · AI score 5.9 · EPSS 0.00218
Exploits 0 · References 1

Positive Technologies
added 2024/11/15 12:0 a.m. · 4 views

PT-2024-10585 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to an incorrect bounds check in the dequeueAccessUnitMPEG4Video function of ESQueue.cpp, which can lead to an infinite loop and...

CVSS 7.5 · AI score 7.7 · EPSS 0.00218
Exploits 0 · References 5

Redos
added 2024/11/15 12:0 a.m. · 29 views

ROS-20241115-02

A vulnerability in the octeontx2-pf component of the Linux kernel is related to a memory leak in the function otx2qosreadtxschqcfgtl in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability i...

CVSS 7.8 · AI score 7.5 · EPSS 0.00227
Exploits 0

IBM Security Bulletins
added 2024/11/14 2:58 p.m. · 15 views

Security Bulletin: IBM B2B Sterling Integrator is vulnerable to denial of services attacks due to an Apache Commons vulnerability

Summary IBM B2B Sterling Integrator is vulnerable to denial of services attacks due to an Apache Commons vulnerability Vulnerability Details CVEID: CVE-2024-25710 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop flaw. By persuading a victim to op...

CVSS 8.1 · AI score 6.6 · EPSS 0.00441
Exploits 0 · Affected Software 1

Tenable Nessus
added 2024/11/14 12:0 a.m. · 11 views

Oracle Linux 8 : libsoup (ELSA-2024-9573)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9573 advisory. - Backport upstream patch for CVE-2024-52530 - HTTP request smuggling via stripping null bytes from the ends of header names - Backport upstream patch...

CVSS 7.5 · AI score 7 · EPSS 0.00933
Exploits 1 · References 3

Tenable Nessus
added 2024/11/14 12:0 a.m. · 13 views

Fedora 37 : qemu (2022-22b1f8dae2)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-22b1f8dae2 advisory. hcd-xhci: infinite loop in xhciringchainlength CVE-2020-14394 ati-vga: out-of-bounds write in ati2dblt CVE-2021-3638 acpi erst: memory corruption...

CVSS 6.5 · AI score 6.4 · EPSS 0.00429
Exploits 3 · References 5

RedHat Linux
added 2024/11/13 6:22 p.m. · 20 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.5 · AI score 6.8 · EPSS 0.00933
Exploits 1 · References 3

RedHat Linux
added 2024/11/13 6:22 p.m. · 4 views

libsoup: infinite loop while reading websocket data

A flaw was found in Libsoup. The soupwebsocketconnectionread function uses a loop that reads incoming WebSocket data via the glib library. This issue makes it possible to cause the loop to run indefinitely by sending a continuous stream of data to it. The effect will prevent the DCV service from...

CVSS 7.5 · AI score 7.3 · EPSS 0.00933
Exploits 0 · References 7

RedHat Linux
added 2024/11/13 3:31 p.m. · 25 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.5 · AI score 6.8 · EPSS 0.00933
Exploits 1 · References 3

SUSE CVE
added 2024/11/13 3:49 a.m. · 2 views

SUSE CVE-2024-52532

GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption, during the reading of certain patterns of WebSocket data from clients...

CVSS 7.5 · AI score 7 · EPSS 0.00933
Exploits 0 · References 16

OSV
added 2024/11/13 2:15 a.m. · 2 views

CVE-2024-37400

An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service...

CVSS 7.5 · AI score 5.8 · EPSS 0.02014
Exploits 0 · References 1

NVD
added 2024/11/13 2:15 a.m. · 17 views

CVE-2024-37400

An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service...

CVSS 7.5 · EPSS 0.02014
Exploits 0 · References 1

Cvelist
added 2024/11/13 1:54 a.m. · 15 views

CVE-2024-37400

An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service...

CVSS 7.5 · EPSS 0.02014
Exploits 0 · References 1

CVE
added 2024/11/13 1:54 a.m. · 60 views

CVE-2024-37400

CVE-2024-37400 is an out-of-bounds read in Ivanti Connect Secure prior to version 22.7R2.3 that allows a remote unauthenticated attacker to trigger an infinite loop, resulting in a denial of service. Public sources in the connected documents confirm affected product/version: Ivanti Connect Secure...

CVSS 7.5 · AI score 7.2 · EPSS 0.02014
Exploits 0 · References 1 · Affected Software 1

Tenable Nessus
added 2024/11/13 12:0 a.m. · 12 views

RHEL 9 : libsoup (RHSA-2024:9559)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9559 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: infinite loop while reading websocket dat...

CVSS 7.5 · AI score 7.1 · EPSS 0.00933
Exploits 1 · References 6

Tenable Nessus
added 2024/11/13 12:0 a.m. · 10 views

openSUSE 15 Security Update : python-PyPDF2 (openSUSE-SU-2024:0366-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2024:0366-1 advisory. - CVE-2022-24859: Fixed infinite loop vulnerability boo1198588 Tenable has extracted the preceding description block directly from the SUSE security...

CVSS 6.2 · AI score 6 · EPSS 0.01279
Exploits 1 · References 4

Tenable Nessus
added 2024/11/13 12:0 a.m. · 11 views

RHEL 8 : libsoup (RHSA-2024:9573)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9573 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: infinite loop while reading websocket dat...

CVSS 7.5 · AI score 7.1 · EPSS 0.00933
Exploits 1 · References 6

AlmaLinux
added 2024/11/13 12:0 a.m. · 23 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: infinite loop while reading websocket data CVE-2024-52532 libsoup: HTTP request smuggling via stripping null bytes from the ends of header names CVE-2024-52530 For more details about the security...

CVSS 7.5 · AI score 6.8 · EPSS 0.00933
Exploits 1 · References 6

AlmaLinux
added 2024/11/13 12:0 a.m. · 22 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: infinite loop while reading websocket data CVE-2024-52532 libsoup: HTTP request smuggling via stripping null bytes from the ends of header names CVE-2024-52530 For more details about the security...

CVSS 7.5 · AI score 6.8 · EPSS 0.00933
Exploits 1 · References 6

Oracle linux
added 2024/11/13 12:0 a.m. · 286 views

libsoup security update

2.62.3-6 - Backport upstream patch for CVE-2024-52530 - HTTP request smuggling via stripping null bytes from the ends of header names - Backport upstream patch for CVE-2024-52530 - infinite loop while reading websocket data - Resolves: RHEL-67076 - Resolves: RHEL-67067...

CVSS 7.5 · AI score 7 · EPSS 0.00933
Exploits 1