Lucene search
K

480 matches found

ThreatPost
ThreatPost
added 2021/11/15 8:10 p.m.25 views

Cybercriminals Target Alibaba Cloud for Cryptomining, Malware

Cybercriminals are targeting Alibaba Elastic Computing Service ECS instances, disabling certain security features to further their cryptomining goals. Alibaba offers a few unique options that make it a highly attractive target for attackers, researchers noted. Register now for our LIVE event!...

8.3AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/10/22 12:0 a.m.3 views

PT-2021-22139 · Auvesy · Auvesy Webinstaller

Name of the Vulnerable Software and Affected Versions: Auvesy webinstaller affected versions not specified Description: The issue concerns a Golang web server executable used for generating an Auvesy image agent. It allows for resource consumption by creating a large number of installations that...

8CVSS6.3AI score0.00788EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/10/19 6:16 p.m.27 views

CVE-2021-31361 Junos OS: QFX Series and PTX Series: FPC resource usage increases when certain packets are processed which are being VXLAN encapsulated

An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP...

5.3CVSS5.4AI score0.01015EPSS
Exploits0References1
OSV
OSV
added 2021/08/25 8:54 p.m.5 views

GHSA-QPGV-G792-WH6X Uncontrolled Resource Consumption in parse_duration

An issue was discovered in the parseduration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service CPU and memory consumption via a duration string with a large exponent...

7.5CVSS5.9AI score0.00973EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.6 views

The vulnerability of the ZeroMQ messaging library, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the ZeroMQ messaging library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

6.5CVSS7.1AI score0.01073EPSS
Exploits1References12Affected Software4
CNNVD
CNNVD
added 2021/06/28 12:0 a.m.3 views

MediaWiki GlobalNewFiles 资源管理错误漏洞

GlobalNewFiles is an extension of the MediaWiki Foundation that provides a special page to view all files of a wiki farm globally. GlobalNewFiles suffers from a Resource Management Error vulnerability that stems from the fact that all existing versions of GlobalNewFiles are affected by an...

6.5CVSS6.6AI score0.01332EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/06/28 12:0 a.m.24 views

Dovecot 1.2.0 - 2.3.14 DoS Vulnerability

Dovecot is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

4.3CVSS5.8AI score0.01968EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.5 views

The vulnerability of Junos OS routers in the MX series, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of Junos OS routers in the MX series is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a attacker to cause service interruptions...

5.5CVSS5.9AI score0.00232EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/10 12:0 a.m.6 views

The vulnerability of the Node.js software platform’s module moment allows a hacker to trigger a service failure.

The vulnerability of Node.js’s runtime module is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.5CVSS6.5AI score0.03673EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.9 views

The vulnerability of the Aurora Application Software Debugging Library, related to uncontrolled resource consumption, allows a perpetrator to cause a service failure.

The vulnerability of the Aurora Application Programming Library’s debug library is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to deny services through a specially crafted regular expression...

5.3CVSS6.2AI score0.02798EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.7 views

GitLab 安全漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab suffers from a Resource Management Error...

6.5CVSS5.6AI score0.01845EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/06/04 12:0 a.m.5 views

The vulnerability of the Braces package in the npm package manager allows a hacker to trigger a service failure.

The vulnerability of the Braces package in the npm package manager is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

5.3CVSS6.1AI score0.01363EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/05/18 6:19 p.m.63 views

Denial of Service (DoS) in HashiCorp Consul

HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3. Specific Go Packages Affected github.com/hashicorp/consul/agent/consul...

7.5CVSS7.5AI score0.0201EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/05/18 6:19 p.m.17 views

GHSA-23JV-V6QJ-3FHH Denial of Service (DoS) in HashiCorp Consul

HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3. Specific Go Packages Affected github.com/hashicorp/consul/agent/consul...

7.5CVSS7.4AI score0.0201EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.9 views

The vulnerability of the dump_desc() function in the Tor browser, which allows a hacker to trigger a service failure

The vulnerability of the dumpdesc function in the Tor browser is related to a bug in the resource consumption control mechanism. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

7.5CVSS7.4AI score0.01672EPSS
Exploits0References7Affected Software3
CNNVD
CNNVD
added 2021/04/01 12:0 a.m.6 views

GitLab 资源管理错误漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab has a security vulnerability in versions after...

4.3CVSS5.6AI score0.01206EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/02/22 12:0 a.m.37 views

EulerOS 2.0 SP2 : spamassassin (EulerOS-SA-2021-1360)

According to the versions of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain...

9.3CVSS6.6AI score0.07879EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.4 views

The vulnerability of the REST API implementation of Cisco Managed Services Accelerator allows a perpetrator to trigger a service failure.

The vulnerability of the REST API interface implementation of Cisco Managed Services Accelerator is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

4.3CVSS6.5AI score0.0114EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2021/01/19 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for spamassassin (EulerOS-SA-2021-1120)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.5AI score0.07234EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/31 3:53 p.m.41 views

Security Bulletin: IBM Cloud Pak System addressed vulnerabilities (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477)

Summary IBM Cloud Pak System identified vulnerabilities in SAN VC supporting products. IBM announced a new release for IBM Cloud Pak System in response to vulnerabilities. Vulnerability Details CVEID: CVE-2019-11477 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an...

7.8CVSS0.5AI score0.98745EPSS
Exploits4Affected Software1
Rows per page
Query Builder