796 matches found
PT-2024-32255
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the usbnet: ipheth section in the Linux kernel, where RX callbacks can fail due to multiple reasons such as payload being too short, payload formatted incorrectly...
OESA-2024-1917 avro security update
Apache Avro is a data serialization system. Security Fixes: When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up...
Medium: wireshark
Issue Overview: Memory handling issue in editcap could cause denial of service via crafted capture file CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture fil...
Netscaler Troubleshooting (Tools, Logs, Performance)
Introduction This article provides a list of Knowledge Base resources on how to troubleshoot, setup and diagnose most common issues based on memory, CPU, license. Overview of the Issue Below list of articles will provide you an outline of logs which will help you to easily identify a possible CPU...
CVE-2024-38535 Suricata http2: oom from duplicate headers
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6...
CVE-2024-38535
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6...
Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13
The Mozilla Foundation Security Advisory describes this flaw as: Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...
USN-6890-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-6601, CVE-2024-6604,...
UBUNTU-CVE-2024-6609
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox 128 and Thunderbird 128...
PT-2024-5451 · Microsoft · Sql Server Native Client Ole Db Provider
Name of the Vulnerable Software and Affected Versions: SQL Server Native Client OLE DB Provider affected versions not specified Description: The issue is related to a memory usage problem after memory has been freed, which can be exploited by a remote attacker to execute arbitrary code...
CVE-2022-1941
...
Astra Linux – Vulnerability in Firefox
If a memory-out-of-memory condition occurs at a specific point during use of allocations in the probabilistic heap checker, an assertion might be triggered. In rare cases, memory corruption could occur. This vulnerability affects Firefox versions less than 127...
Directus is soft-locked by providing a string value to random string util
Describe the Bug Providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of service situation where logged in sessions can no longer be refreshed as sessions...
PT-2024-25822 · Envoy · Envoy
Name of the Vulnerable Software and Affected Versions: Envoy affected versions not specified Description: The issue is related to an out-of-memory OOM vector exposed by Envoy, a cloud-native, open source edge and service proxy. This occurs because the async HTTP client buffers the response with a...
CVE-2024-36128
Directus is a real-time API and App dashboard for managing SQL database content. Prior to 10.11.2, providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of...
CVE-2024-36128 Directus is soft-locked by providing a string value to random string util
Directus is a real-time API and App dashboard for managing SQL database content. Prior to 10.11.2, providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of...
CVE-2021-47508
CVE-2021-47508 affects the Linux kernel’s btrfs code path. The issue is a memory leak: when qgroup/data reservation fails in btrfs_check_data_free_space() or btrfs_delalloc_reserve_space(), the allocated extent_changeset is not freed. This occurs specifically in the direct IO write path (and rela...
Stable Structures 安全漏洞
Stable Structures is a collection of data structures open-sourced by DFINITY. A security vulnerability exists in Stable Structures versions prior to 0.6.0, which stems from a memory issue in BTreeMap when releasing an overflow node, which could lead to using too much memory or even running out of...
SUSE CVE-2024-4853
Memory handling issue in editcap could cause denial of service via crafted capture file...
The vulnerability of the sun8i-ce_cipher_do_one() function in the drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c file of the Allwinner Crypto Engine driver for the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the sun8icecipherdoone function in the drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c file of the Allwinner Crypto Engine driver for the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker...