480 matches found
Cybercriminals Target Alibaba Cloud for Cryptomining, Malware
Cybercriminals are targeting Alibaba Elastic Computing Service ECS instances, disabling certain security features to further their cryptomining goals. Alibaba offers a few unique options that make it a highly attractive target for attackers, researchers noted. Register now for our LIVE event!...
PT-2021-22139 · Auvesy · Auvesy Webinstaller
Name of the Vulnerable Software and Affected Versions: Auvesy webinstaller affected versions not specified Description: The issue concerns a Golang web server executable used for generating an Auvesy image agent. It allows for resource consumption by creating a large number of installations that...
CVE-2021-31361 Junos OS: QFX Series and PTX Series: FPC resource usage increases when certain packets are processed which are being VXLAN encapsulated
An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP...
GHSA-QPGV-G792-WH6X Uncontrolled Resource Consumption in parse_duration
An issue was discovered in the parseduration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service CPU and memory consumption via a duration string with a large exponent...
The vulnerability of the ZeroMQ messaging library, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the ZeroMQ messaging library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...
MediaWiki GlobalNewFiles 资源管理错误漏洞
GlobalNewFiles is an extension of the MediaWiki Foundation that provides a special page to view all files of a wiki farm globally. GlobalNewFiles suffers from a Resource Management Error vulnerability that stems from the fact that all existing versions of GlobalNewFiles are affected by an...
Dovecot 1.2.0 - 2.3.14 DoS Vulnerability
Dovecot is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
The vulnerability of Junos OS routers in the MX series, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of Junos OS routers in the MX series is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a attacker to cause service interruptions...
The vulnerability of the Node.js software platform’s module moment allows a hacker to trigger a service failure.
The vulnerability of Node.js’s runtime module is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the Aurora Application Software Debugging Library, related to uncontrolled resource consumption, allows a perpetrator to cause a service failure.
The vulnerability of the Aurora Application Programming Library’s debug library is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to deny services through a specially crafted regular expression...
GitLab 安全漏洞
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab suffers from a Resource Management Error...
The vulnerability of the Braces package in the npm package manager allows a hacker to trigger a service failure.
The vulnerability of the Braces package in the npm package manager is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Denial of Service (DoS) in HashiCorp Consul
HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3. Specific Go Packages Affected github.com/hashicorp/consul/agent/consul...
GHSA-23JV-V6QJ-3FHH Denial of Service (DoS) in HashiCorp Consul
HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3. Specific Go Packages Affected github.com/hashicorp/consul/agent/consul...
The vulnerability of the dump_desc() function in the Tor browser, which allows a hacker to trigger a service failure
The vulnerability of the dumpdesc function in the Tor browser is related to a bug in the resource consumption control mechanism. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
GitLab 资源管理错误漏洞
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab has a security vulnerability in versions after...
EulerOS 2.0 SP2 : spamassassin (EulerOS-SA-2021-1360)
According to the versions of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain...
The vulnerability of the REST API implementation of Cisco Managed Services Accelerator allows a perpetrator to trigger a service failure.
The vulnerability of the REST API interface implementation of Cisco Managed Services Accelerator is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
Huawei EulerOS: Security Advisory for spamassassin (EulerOS-SA-2021-1120)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Cloud Pak System addressed vulnerabilities (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477)
Summary IBM Cloud Pak System identified vulnerabilities in SAN VC supporting products. IBM announced a new release for IBM Cloud Pak System in response to vulnerabilities. Vulnerability Details CVEID: CVE-2019-11477 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an...