944 matches found
The vulnerability of the SPICE remote virtual desktop rendering system, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.
The vulnerability of the SPICE remote virtual desktop rendering system is related to significantly lower resource consumption on the client side compared to the server when establishing a new SSL connection. Exploiting this vulnerability allows a malicious actor to cause service interruptions...
The vulnerability of the _zip_read_eocd64 function in the zip_open.c component of the Libzip library allows a attacker to cause a service failure.
The vulnerability of the zipreadeocd64 function in the zipopen.c component of the Libzip library library for working with Zip archives is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of the `ff_frame_pool_get` function in the `framepool.c` component of the FFmpeg multimedia library allows a attacker to cause a service failure.
The vulnerability of the ffframepoolget function in the framepool.c component of the FFmpeg multimedia library is related to improper memory release before deleting the last references. Exploiting this vulnerability allows an attacker to cause service interruptions...
The vulnerability of the telnetd server in the Inetutils network programming package allows a hacker to cause a service failure.
The vulnerability of the telnetd server in the Inetutils network programming package is related to errors in pointer manipulation during byte sequence processing. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of the urllib component in the Python programming language allows a hacker to trigger a service failure.
The vulnerability of the urllib component in the Python programming language is related to an uncontrolled consumption of resources. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of the sbr_process_channel function in the libfaad/sbr_dec.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) allows a intruder to trigger a service failure.
The vulnerability of the sbrprocesschannel function in the libfaad/sbrdec.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder is related to improper processing of new PS channels. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of the xfrm_expand_policies function (net/xfrm/xfrm_policy.c) in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the xfrmexpandpolicies function net/xfrm/xfrmpolicy.c in the Linux operating system is related to errors during resource release. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software allows a perpetrator to trigger a service failure.
The vulnerability of Oracle Banking Trade Finance software’s Infrastructure component exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
The vulnerability of the Web Services sub-component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows attackers to cause service failures.
The vulnerability of the Web Services sub-component of the Oracle WebLogic Server application server within the Oracle Fusion Middleware software platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using...
The vulnerability of the hvc_xen component (console) of the Xen hypervisor allows a attacker to cause a service failure.
The vulnerability of the hvcxen component console of the Xen hypervisor is related to an uncontrolled resource consumption. Exploiting this vulnerability may allow a malicious actor to cause service interruptions remotely...
The vulnerability of the PK11_ChangePW function in the Mozilla Firefox browser and Thunderbird email client allows a hacker to trigger a service failure.
The vulnerability of the PK11ChangePW function in the Mozilla Firefox browser and Thunderbird email client is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause service interruptions...
The vulnerability of the NGINX Instance Manager automation platform, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.
The vulnerability of the NGINX Instance Manager automation platform is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
Deserialization of untrusted data
EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing malicious payload will trigger this insecure deserialization vulnerability, allowing an unauthenticated remote attacker to execute arbitrary code, manipulate...
CVE-2022-35223
CVE-2022-35223 affects EasyUse MailHunter Ultimate via its cookie deserialization function. The root cause is inadequate validation during deserializing cookies containing a malicious payload, enabling an unauthenticated remote attacker to execute arbitrary code, manipulate system commands, or in...
National Health Insurance 缓冲区错误漏洞
National Health Insurance NHI is a health insurance program health insurance card in Taiwan, China. A security vulnerability exists in National Health Insurance that stems from insufficient validation of network packet header lengths and a stack-based buffer overflow, which could be exploited by ...
The vulnerability of the Net-SNMP software suite arises from insufficient validation of input data, allowing a perpetrator to trigger a service failure.
The vulnerability of the Net-SNMP software suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL protocol...
Vulnerability of the Server component of the Oracle MySQL Server, a database management system in the Federated system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component in the Oracle Database Management System involves errors related to resource release. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL protocol...
Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows a hacker to cause a service failure.
Vulnerability of the Cluster component: General database management systems like MySQL Cluster are vulnerable due to insufficient validation of input data. Exploitation of this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the microprogrammed software of industrial switches SCALANCE W1788-1 M12, SCALANCE W1788-2 EEC M12, SCALANCE W1788-2 M12, SCALANCE W1788-2IA M12 allows a intruder to trigger a service failure.
The vulnerability of the microprogrammed software of industrial switches SCALANCE W1788-1 M12, SCALANCE W1788-2 EEC M12, SCALANCE W1788-2 M12, and SCALANCE W1788-2IA M12 is related to errors in processing ARP packets. Exploiting this vulnerability can allow a remote attacker to cause service...