CVE-2024-51513

Vulnerability of processes not being fully terminated in the VPN module Impact: Successful exploitation of this vulnerability will affect power consumption...

CVE-2024-51513

CVE-2024-51513 concerns Huawei HarmonyOS’ VPN module, where processes are not fully terminated. The vulnerability can affect power consumption (impact stated). The most concrete details in the connected sources indicate a local attack vector with low attack complexity, and the Red Hat and CNVD en...

UBUNTU-CVE-2024-42267

In the Linux kernel, the following vulnerability has been resolved: riscv/mm: Add handling for VMFAULTSIGSEGV in mmfaulterror Handle VMFAULTSIGSEGV in the page fault path so that we correctly kill the process and we don't BUG the kernel...

CVE-2024-42267 riscv/mm: Add handling for VM_FAULT_SIGSEGV in mm_fault_error()

In the Linux kernel, the following vulnerability has been resolved: riscv/mm: Add handling for VMFAULTSIGSEGV in mmfaulterror Handle VMFAULTSIGSEGV in the page fault path so that we correctly kill the process and we don't BUG the kernel...

(0Day) Microsoft Windows Error Reporting Service Missing Authorization Arbitrary Process Termination Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

PT-2024-38051 · Unknown · Nimble Commander

Name of the Vulnerable Software and Affected Versions: Nimble Commander affected versions not specified Description: The issue arises from the server's improper validation of a client's authorization, specifically in the info.filesmanager.Files.PrivilegedIOHelperV2 component. This allows for the...

VulnCheck KEV: CVE-2024-1853

Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers...

UBUNTU-CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service DoS attack...

PT-2024-37402 · Cockpit +4 · Cockpit +4

Name of the Vulnerable Software and Affected Versions: cockpit affected versions not specified Description: A flaw was found in the cockpit package, allowing an authenticated user to kill any process when enabling the pam env's user readenv option. This leads to a denial of service DoS attack...

A vulnerability in Node.js has been identified allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed into fetch() can exploit this vulnerability to exhaust memory potentially leading to process termination depending on the system configuration.

...

CVE-2024-38355

A vulnerability was found in Socket.IO where a specially crafted packet can trigger an uncaught exception on the server, causing the Node.js process to crash. When the server receives this malformed packet, it results in an unhandled error event that stops the Socket.IO server from functioning...

CVE-2024-38355

Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit 15af22fc22 which has been included in...

ALPINE-CVE-2024-35200

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate...

CVE-2024-33601

A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria...

CVE-2024-25116 Specially crafted CF.RESERVE command can lead to denial-of-service

RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, authenticated users can use the CF.RESERVE command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in RedisBloom 2.4.7...

CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

UBUNTU-CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVE-2024-22025

A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...

CVE-2024-1853

Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers...