CVE-2024-1853 Zemana AntiLogger v2.74.204.664 - Arbitrary Process Termination

Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers...

CVE-2024-1853

CVE-2024-1853 affects Zemana AntiLogger v2.74.204.664. It exposes an Arbitrary Process Termination vulnerability by triggering IOCTL code 0x80002048 in the vulnerable drivers zam64.sys and zamguard64.sys , enabling an attacker to terminate processes. Public materials describe BYOVD-style driver a...

CVE-2024-1853 Zemana AntiLogger v2.74.204.664 - Arbitrary Process Termination

Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers...

Zemana AntiLogger Security Vulnerabilities

Zemana AntiLogger is an application from Zemana Inc. protects your PC from keyloggers, malware, ransomware, adware and more. A security vulnerability exists in Zemana AntiLogger version v2.74.204.664 that stems from vulnerability to arbitrary process termination...

BIT-TENSORFLOW-2021-29552 CHECK-failure in `UnsortedSegmentJoin`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...

BIT-WILDFLY-2020-14317

It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery EAP-CD introducing regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script ...

Denial Of Service (DOS)

NodeJS is vulnerable to Denial Of Service DOS. The vulnerability is caused due the fact that the fetch function in Node.js always decodes Brotli, making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed int...

Design/Logic Flaw

When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed U...

CVE-2024-24990 NGINX HTTP/3 QUIC vulnerability

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

CVE-2024-24989 NGINX HTTP/3 QUIC vulnerability

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

F5 Nginx Resource Management Error Vulnerability

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5, Inc. distributed under the BSD-like protocol. A security vulnerability exists in F5 Nginx Plus versions R30 and R31, which stems from an undisclosed request that could cause an NGINX worker process...

PT-2024-19799 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP affected versions not specified Description: When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition...

CVE-2023-52271

The wsftprm.sys kernel driver 2.0.0.0 in Topaz Antifraud allows low-privileged attackers to kill any Protected Process Light process via an IOCTL which will be named at a later time...

Node.js: Denial of Service by resource exhaustion in fetch() brotli decoding

A denial of service vulnerability was identified in Node.js related to resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The issue stems from fetch always decoding Brotli content, allowing an attacker controlling the URL to cause resource exhaustion...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Redis vulnerabilities (USN-6531-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6531-1 advisory. Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An...

nodejs: process interuption due to invalid Public Key information in x509 certificates

A vulnerability has been identified in the Node.js, where an invalid public key is used to create an x509 certificate using the crypto.X509Certificate API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as...

CVE-2023-38419 BIG-IP and BIG-IQ iControl SOAP vulnerability

An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs

A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. "This new malware strain tries to steal sensitive information from its victims," Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. "To accomplish...

CVE-2023-24511 On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process.

On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated causing SNMP requests to time out until snmpd is automatically restarted and potential memory resource...

Envoy 输入验证错误漏洞

Envoy is an open source distributed proxy server. An input validation error vulnerability exists in versions of Envoy after 1.22.9. An attacker could exploit this vulnerability to cause an Envoy process to terminate abnormally...