MiracleLinux 7 : 389-ds-base-1.3.6.1-19.el7 (AXSA:2017-2225:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2225:06 advisory. A flaw was found in the way 389-ds-base handled authentication attempts against locked accounts. A remote attacker could potentially use this flaw to continu...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 CVE-2024-50301: security/keys: fi...

Vulnerabilities fixed in Keycloak

Red Hat has fixed vulnerabilities in Keycloak. The vulnerabilities include an issue where JWT tokens with long expiration times can cause infinite growth in the cache, resulting in an OutOfMemoryError and a Denial-of-Service for legitimate users. In addition, verification of trust store...

xgrammar Vulnerable to Denial of Service (DoS) by abusing unbounded cache in memory

Summary Xgrammar includes a cache for compiled grammars to increase performance with repeated use of the same grammar. This cache is held in memory. Since the cache is unbounded, a system making use of xgrammar can be abused to fill up a host's memory and case a denial of service. For example,...

'ERROR: Minimum Cache Memory Not Configured' When Setting Global Cache Parameter

After upgrading to version 13.1 Build 42.47+from any previous version, you may notice a different behavior when configuring the global cache parameter. You are unable to set the cache global parameters unless the value of "-memLimit" is=N 4MB N is the number of NSPPEs. Attempting to set the cache...

CVE-2020-5861

On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors...

UBUNTU-CVE-2019-5756

Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...

RedHat Update for qemu-kvm RHSA-2015:0349-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for qemu-kvm RHSA-2014:0927-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 2631-1] squid3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2630-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 24, 2013 http://www.debian.org/security/faq -...

Memory corruption

Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache...

Ubuntu Update for squid vulnerability USN-565-1

Ubuntu Update for Linux kernel vulnerabilities USN-565-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5651.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for squid vulnerability USN-565-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : squid vulnerability (USN-565-1)

It was discovered that Squid did not always clean up cache memory correctly. A remote attacker could manipulate cache update replies and cause Squid to use all available memory, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block direct...

USN-565-1: Squid vulnerability

It was discovered that Squid did not always clean up cache memory correctly. A remote attacker could manipulate cache update replies and cause Squid to use all available memory, leading to a denial of service...

FreeBSD 3.03.13.2 - vfs_cache Denial of Service

FreeBSD 3.03.13.2 - vfscache Denial of Service // source: https://www.securityfocus.com/bid/653/info A vulnerability exists in FreeBSD's new VFS cache introduced in version 3.0 that allows a local and possibly remote user to force the kernel to consume large quantities of wired memory thus creati...