dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList

A flaw was found in dotnet. The System.IO.Packaging library may allow untrusted inputs to influence algorithmically complex operations, resulting in a denial of service...

dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList

A flaw was found in dotnet. The System.IO.Packaging library may allow untrusted inputs to influence algorithmically complex operations, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

Delta Electronics CNCSoft-G2

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : low attack complexity Vendor : Delta Electronics Equipment : CNCSoft-G2 Vulnerabilities : Stack-based Buffer Overflow, Out-of-bounds Write, Heap-Based Buffer Overflow, Out-of-bounds Read, Use of Uninitialized Variable 2. RISK EVALUATION...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList

A flaw was found in dotnet. The System.IO.Packaging library may allow untrusted inputs to influence algorithmically complex operations, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday...

CLSA-2024-1728404213 python2: Fix of CVE-2024-7592

CVE-2024-7592: fix quadratic complexity in parsing cookies with backslashes...

CLSA-2024-1728403484 python2: Fix of CVE-2024-7592

CVE-2024-7592: fix quadratic complexity in parsing cookies with backslashes...

PT-2024-7347

Name of the Vulnerable Software and Affected Versions: .NET and Visual Studio affected versions not specified Description: The issue is related to algorithmic complexity in the .NET and Visual Studio platform, which can be exploited by a remote attacker to cause a denial of service...

Microsoft .NET和Microsoft Visual Studio 安全漏洞

Microsoft Visual Studio is a family of development tool suites and a fundamentally complete development toolset that includes most of the tools needed throughout the software lifecycle.Microsoft .NET is a software framework dedicated to agile software development, rapid application development,...

Siemens SINEC Security Monitor

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVE-2024-9554

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303.30513. Affected by this vulnerability is the function CheckETCheckPwdz201 of the file suanfa.py of the component Password Reset Handler. The manipulation leads to authorization bypass. The attack can...

CVE-2024-9554 Sovell Smart Canteen System Password Reset suanfa.py Check_ET_CheckPwdz201 authorization

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303.30513. Affected by this vulnerability is the function CheckETCheckPwdz201 of the file suanfa.py of the component Password Reset Handler. The manipulation leads to authorization bypass. The attack can...

CVE-2024-9554

Sovell Smart Canteen System (up to 3.0.7303.30513) is affected by a vulnerability in the Password Reset Handler. The issue resides in the function Check_ET_CheckPwdz201 of suanfa.py and allows authorization bypass. It can be exploited remotely, with attack complexity described as high; exploitati...

CLSA-2024-1728071268 python2: Fix of CVE-2024-7592

CVE-2024-7592: fix quadratic complexity in parsing cookies with backslashes...

CLSA-2024-1727980155 python: Fix of CVE-2024-7592

CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value...

CLSA-2024-1727979765 python3.9: Fix of 2 CVEs

CVE-2024-6232: remove backtracking when parsing tarfile headers - CVE-2024-7592: fix quadratic complexity in parsing "-quoted cookie values with backslashes...