Lucene search

570 matches found

Snyk
added 2023/08/22 6:44 p.m. · 3 views

Denial of Service (DoS)

Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) when the PDFDoc::replacePageDict function processes data missing a necessary stream check while saving an embedded file. The attacker can cause an assertion failure in Object.h, rendering the service unavailable...

CVSS 7.5 · AI score 6.9 · EPSS 0.00902
Exploits: 1 · References: 2
OSV
added 2023/08/13 12:15 p.m. · 1 views

CVE-2023-39389

Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability...

CVSS 7.5 · AI score 5.8 · EPSS 0.00379
Exploits: 0 · References: 2
NVD
added 2023/08/13 12:15 p.m. · 12 views

CVE-2023-39388

Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability...

CVSS 7.5 · AI score 7.5 · EPSS 0.00379
Exploits: 0 · References: 2
Prion
added 2023/08/13 12:15 p.m. · 21 views

Design/Logic Flaw

Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability...

CVSS 5 · AI score 7.4 · EPSS 0.00379
Exploits: 0 · References: 2 · Affected Software: 2
Vulnrichment
added 2023/08/13 11:30 a.m. · 10 views

CVE-2023-39389

Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability...

AI score 6.8 · EPSS 0.00379
Exploits: 0 · References: 2
Positive Technologies
added 2023/08/13 12:0 a.m. · 2 views

PT-2023-26916 · Unknown · Pms Module

Name of the Vulnerable Software and Affected Versions: PMS module affected versions not specified
Description: The issue is related to the PMS module, where input parameters are not strictly verified. This can lead to successful exploitation causing home screen unavailability.
Recommendations: At...

CVSS 7.5 · AI score 6.8 · EPSS 0.00379
Exploits: 0 · References: 8
Positive Technologies
added 2023/08/13 12:0 a.m. · 3 views

PT-2023-26917 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions.
Description: The issue is related to the PMS module, where input parameters are not strictly verified. This can lead to successful exploitation causing...

CVSS 7.5 · AI score 6.8 · EPSS 0.00379
Exploits: 0 · References: 9
NVD
added 2023/08/11 5:15 a.m. · 20 views

CVE-2023-40256

A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the...

CVSS 9.8 · AI score 9.4 · EPSS 0.00334
Exploits: 0 · References: 1
NVD
added 2023/08/08 1:15 a.m. · 17 views

CVE-2023-37491

The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the...

CVSS 8.8 · AI score 7.6 · EPSS 0.0044
Exploits: 0 · References: 2
OSV
added 2023/08/03 4:35 p.m. · 24 views

GHSA-GPCV-P28P-FV2P odoh-rs's Invalid Slice Split Results in Server Panic

A vulnerability was discovered in the odoh-rs Rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients. Impact: An attacker with knowledge of this vulnerability could craft and...

CVSS 5.9 · AI score 5.6 · EPSS 0.0065
Exploits: 0 · References: 6
GitHub Security Blog
added 2023/08/03 4:35 p.m. · 20 views

odoh-rs's Invalid Slice Split Results in Server Panic

A vulnerability was discovered in the odoh-rs Rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients. Impact: An attacker with knowledge of this vulnerability could craft and...

CVSS 5.9 · AI score 6.7 · EPSS 0.0065
Exploits: 0 · References: 6 · Affected Software: 1
Prion
added 2023/07/27 4:15 p.m. · 21 views

Design/Logic Flaw

Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites with user accounts unless Kirby's API and Panel are disabled in the config. The real-world impact of this vulnerability is limited, however we still...

CVSS 5 · AI score 7.7 · EPSS 0.01028
Exploits: 0 · References: 7 · Affected Software: 1
NVD
added 2023/07/25 8:15 a.m. · 14 views

CVE-2023-21405

Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors...

CVSS 6.5 · AI score 6.5 · EPSS 0.00264
Exploits: 0 · References: 1
Vulnrichment
added 2023/07/25 7:34 a.m. · 16 views

CVE-2023-21405 Denial-of-Service vulnerability in Axis Network Door Controller's and Axis Network Intercom's OSDP communication

Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors...

CVSS 6.5 · AI score 6.5 · EPSS 0.00264
Exploits: 0 · References: 1
Cvelist
added 2023/07/25 7:34 a.m. · 26 views

CVE-2023-21405 Denial-of-Service vulnerability in Axis Network Door Controller's and Axis Network Intercom's OSDP communication

Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors...

CVSS 6.5 · AI score 6.7 · EPSS 0.00264
Exploits: 0 · References: 1
CNNVD
added 2023/07/25 12:0 a.m. · 4 views

Axis Network Door Controllers Security Vulnerability

AXIS Network Door Controllers is a network door controller from AXIS Sweden. A security vulnerability exists in Axis Network Door Controllers, Axis Network Intercoms, which stems from a crash of the OSDP message parser pacsiod process when communicating via OSDP intercom, resulting in a temporary...

CVSS 6.5 · AI score 6.5 · EPSS 0.00264
Exploits: 0 · References: 2
OSV
added 2023/07/18 7:22 p.m. · 29 views

GHSA-G95C-2JGM-HQC6 Fides Webserver Vulnerable to Zip Bomb File Uploads

Impact: The Fides webserver is vulnerable to a type of Denial of Service (DoS) attack. Attackers can exploit a weakness in the connector template upload feature to upload a malicious zip bomb file, resulting in resource exhaustion and service unavailability for all users of the Fides webserver. This...

CVSS 2.7 · AI score 5.9 · EPSS 0.00568
Exploits: 0 · References: 5
NVD
added 2023/07/18 7:15 p.m. · 27 views

CVE-2023-37480

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service (DoS) attack. Attackers can exploit a weakness in the connector template upload feature to upload a malicious zip bomb...

CVSS 4.9 · EPSS 0.00568
Exploits: 0 · References: 2
Prion
added 2023/07/18 7:15 p.m. · 20 views

Default configuration

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service (DoS) attack. Attackers can exploit a weakness in the connector template upload feature to upload a malicious zip bomb...

CVSS 3.3 · AI score 5.1 · EPSS 0.00568
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2023/07/18 6:19 p.m. · 42 views

CVE-2023-37480 Fides Webserver Vulnerable to Zip Bomb File Uploads

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service (DoS) attack. Attackers can exploit a weakness in the connector template upload feature to upload a malicious zip bomb...

CVSS 2.7 · AI score 5.7 · EPSS 0.00568
Exploits: 0 · References: 2