Security Bulletin: Denial of service and server-side request forgery might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-39249, CVE-2024-39338 Vulnerability Details CVEID:CVE-2024-39249 DESCRIPTION: Async is vulnerable to a denial of...

Denial Of Service (DoS)

Microsoft.AspNetCore.App.Runtime is vulnerable to a Denial of Service DoS vulnerability. The vulnerability is due to a specific condition or action that allows an attacker to disrupt service availability...

CVE-2024-42038

Vulnerability of PIN enhancement failures in the screen lock module Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability...

Security Bulletin: Denial of service and remote code execution might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-6387, CVE-2024-39329, CVE-2024-38875, CVE-2024-39614, CVE-2024-39330, CVE-2024-21520, CVE-2024-39689,...

The vulnerability of the fromNatlimit function (/goform/Natlimit) in the Tenda F1202 router microprogramming system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the fromNatlimit function /goform/Natlimit in the Tenda F1202 router microprogramming system is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected informatio...

CVE-2024-6036 Denial of Service in gaizhenbiao/chuanhuchatgpt

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific request to the /queue/join? endpoint with "fnindex":66. This unrestricted server restart capability can severely disrupt service availability, cause data loss or...

CVE-2024-6036 Denial of Service in gaizhenbiao/chuanhuchatgpt

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific request to the /queue/join? endpoint with "fnindex":66. This unrestricted server restart capability can severely disrupt service availability, cause data loss or...

PT-2024-37334 · Unknown · Gaizhenbiao/Chuanhuchatgpt

Name of the Vulnerable Software and Affected Versions: gaizhenbiao/chuanhuchatgpt version 20240410 Description: A vulnerability allows any user to restart the server at will by sending a specific request to the "/queue/join?" endpoint with fn index:66. This unrestricted server restart capability...

Directus GraphQL Field Duplication Denial of Service (DoS)

Summary A denial of service DoS attack by field duplication in GraphQL is a type of attack where an attacker exploits the flexibility of GraphQL to overwhelm a server by requesting the same field multiple times in a single query. This can cause the server to perform redundant computations and...

A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.

...

Denial Of Service (DoS)

silverstripe/framework is vulnerable to Denial Of Service DoS. The vulnerability is due to insufficient authentication controls in the dev/build system controller, which could allow unauthorized users to trigger the dev/build process and potentially causing resource exhaustion and disrupting...

Huawei HarmonyOS and EMUI Memory Management Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A memory management vulnerability exists in Huawei...

Huawei HarmonyOS and EMUI Feature Vulnerabilities

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A functional vulnerability exists in Huawei HarmonyOS and...

Huawei HarmonyOS and EMUI Out-of-Bounds Read Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI are vulnerable to an...

Huawei 手机安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. A memory management vulnerability exists in Huawei...

CVE-2024-22279

Improper handling of requests in Routing Release v0.273.0 and = v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale...

CVE-2024-22279

CVE-2024-22279 affects Cloud Foundry routing (GoRouter). The issue is an improper handling of requests in Routing Release versions v0.273.0 up to and including v0.297.0, allowing an unauthenticated attacker to degrade service availability at scale (DoS). Affected products: Routing Release and CF ...

CVE-2024-22279 GoRouter Denial of Service Attack

Improper handling of requests in Routing Release v0.273.0 and = v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale...

CVE-2024-22279 GoRouter Denial of Service Attack

Improper handling of requests in Routing Release v0.273.0 and = v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale...

Denial of service in langchain-community

Denial of service in SitemapLoader Document Loader in the langchain-community package, affecting versions below 0.2.5. The parsesitemap method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion when a sitemap URL refers to the current sitemap...