5 matches found
Improper Handling of Highly Compressed Data (Data Amplification)
Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the Decode function. An attacker can exhaust memory and CPU resources and cause a server crash by sending a specially crafted HTTP request containing highly compressed...
PT-2024-22356 · Unknown +1 · Glpi Agent +1
Name of the Vulnerable Software and Affected Versions: GLPI Agent versions prior to 1.7.2 Description: A local user can modify the GLPI-Agent code or used DLLs to modify agent logic and potentially gain higher privileges. Recommendations: For versions prior to 1.7.2, upgrade to GLPI-Agent 1.7.2 t...
Important: libgit2
Issue Overview: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially...
Denial of Service (DoS)
Overview grpc/grpc-swift is a Swift language implementation of gRPC. Affected versions of this package are vulnerable to Denial of Service DoS via reachable assertion, due to an incorrect logic when handling GOAWAY frames. Details Denial of Service DoS describes a family of attacks, all aimed at...
PT-2014-3545 · Qemu +5 · Qemu +5
Name of the Vulnerable Software and Affected Versions: QEMU versions prior to 1.7.2 Description: The issue is caused by an integer overflow in the qcow open function, which can lead to a denial of service crash and potentially allow the execution of arbitrary code. This occurs when a large image...