4783 matches found
CVE-2024-21453 Improper Input Validation in Automotive Telematics
Transient DOS while decoding message of size that exceeds the available system memory...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service when decoding messages whose size exceeds the available system memory...
PT-2024-18879 · Unknown · Automotive Telematics
Name of the Vulnerable Software and Affected Versions: Automotive Telematics (affected versions not specified). Description: The issue is related to a transient Denial of Service (DoS) that occurs while decoding the ToBeSignedMessage in Automotive Telematics. Recommendations: At the moment, there is n...
PT-2024-18878 · Qualcomm · Snapdragon +26
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a transient Denial of Service (DoS) that occurs when decoding a message of a size that exceeds the available system memory...
squid: Denial of Service in HTTP Chunked Decoding
A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...
Important: Red Hat Security Advisory: squid security and bug fix update
An update for squid is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
squid: Denial of Service in HTTP Chunked Decoding
A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...
UBUNTU-CVE-2021-47168
In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout(). The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be "NFS_MAXFHSIZE" because that's the size of the ->data[] buffer. I reversed the size...
squid:4 security update
libecap squid 7:4.15-7.10 - Resolves: RHEL-19551 - squid:4/squid: denial of service in HTTP request parsing CVE-2023-50269 7:4.15-7.9 - Resolves: RHEL-28611 - squid:4/squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 7:4.15-7.6 - Resolves: RHEL-26087 - squid:4/squid: denial of...
DEBIAN-CVE-2024-28574
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_copy_default_tcp_and_create_tcd() function when reading images in J2K format...
squid security update
7:5.5-6.0.1.8 - Rebuild with release bump 7:5.5-6.8 - Resolves: RHEL-19555 - squid: denial of service in HTTP request parsing CVE-2023-50269 7:5.5-6.7 - Resolves: RHEL-28614 - squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 7:5.5-6.6 - Resolves: RHEL-26091 - squid: denial of...
squid: Denial of Service in HTTP Chunked Decoding
A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...
squid: Denial of Service in HTTP Chunked Decoding
A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...
Important: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
AZL-35898 CVE-2024-22025 affecting package nodejs for versions less than 20.14.0-1
A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making i...
AZL-35911 CVE-2024-22025 affecting package nodejs18 for versions less than 18.18.2-5
A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making i...
AZL-35909 CVE-2024-22025 affecting package nodejs for versions less than 16.20.2-4
A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making i...
DEBIAN-CVE-2024-22025
A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making i...
UBUNTU-CVE-2024-22025
A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making i...
Node.js Security Vulnerabilities
Node.js is an open source, cross-platform JavaScript runtime environment. A security vulnerability exists in Node.js that stems from the fetch function always decoding Brotli, exhausting resources and causing a denial of service...