CentOS 7 : firefox (RHSA-2021:1363)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1363 advisory. - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as wel...

The vulnerability of the iopoib component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the iopoib component in the Linux operating system’s kernel is related to incorrect resource blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20240927-05

Vulnerability in the afunix component's unixreleasesock/unixstreamsendmsg function is related to competitive access to a resource race condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drivers/media/test-drivers/vidtv/vidtvpsi...

PT-2024-6501

Name of the Vulnerable Software and Affected Versions cups versions prior to 2.4.11-alt1 cups-browsed versions prior to 2.0.1-0ubuntu2.1 cups-filters affected versions not specified Description The Common UNIX Printing System CUPS and related components, including cups-browsed and cups-filters, a...

kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...

The vulnerability of the btrfs component of the Linux operating system’s kernel, related to improper blocking mechanisms, allows attackers to trigger a service failure.

The vulnerability of the btrfs component in the Linux operating system’s kernel is related to the handling of transactions when the flushoncommit function is used. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the iommu component in the Linux operating system’s kernel, related to improper blocking, allows a hacker to trigger a service failure.

The vulnerability of the iommu component in the Linux operating system’s kernel is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the btrfs component of the Linux operating system’s kernel, related to improper blocking mechanisms, allows attackers to trigger a service failure.

The vulnerability of the btrfs component in Linux operating systems is related to improper blocking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

OESA-2024-2148 fence-agents security update

A collection of executables to handle isolation "fencing" of possibly misbehaving hosts by the means of remote power management, blocking network, storage, or similar. They operate through a unified interface calling conventions devised for the original Red Hat clustering solution. Security Fixes...

The vulnerability of the web servers of the microprogramming software for communication modules of SIMATIC CP, SIPLUS ET, and SIPLUS NET CP allows a perpetrator to cause service failures.

The vulnerability of the web servers of the microprogramming software for communication modules of SIMATIC CP, SIPLUS ET, and SIPLUS NET CP is related to the mutual blocking of execution streams. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

[SECURITY] Fedora 40 Update: haproxy-2.9.10-1.fc40

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

CVE-2024-7734

An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers...

CVE-2024-7734

CVE-2024-7734 affects Phoenix Contact FL MGUARD (mGuard) devices; pathfinder TCP encapsulation service can be abused by establishing a high volume of TCP connections, causing a denial of service that blocks valid IPsec VPN peers. Public references in Red Hat and related advisories confirm unauthe...

PT-2024-38542 · Phoenix Contact · Phoenix Contact Fl Mguard

Name of the Vulnerable Software and Affected Versions: Phoenix Contact FL MGUARD versions affected versions not specified Description: An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the...

Why It's So Hard to Fully Block X in Brazil

With 20,000 internet providers across the country, the technical challenges of blocking X in Brazil mean some connections are slipping through the cracks...

The vulnerability of the vmscan component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the vmscan component in the Linux operating system’s kernel is related to improper blocking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the bpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the bpf component in the Linux operating system’s kernel is related to the addition of scheduling points in the syzbot package, which trigger blocking actions. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the RDMA core component of the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the RDMA core component of the Linux operating system is related to improper blocking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-2502

CVE-2024-2502 describes a tamper-handling bug in Silicon Labs Series 2 HSE-SVH devices where the TAMPERRSTCAUSE register may not be updated on a level 4 tamper event, potentially preventing the system from blocking boot attempts after consecutive tamper resets as intended. Affected products inclu...

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back

Attackers are increasingly using new phishing toolkits open-source, commercial, and criminal to execute adversary-in-the-middle AitM attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing prevention controls such as MF...