9 matches found
Debian dla-4188 : python-tornado-doc - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4188 advisory. Debian LTS Advisory DLA-4188-1 [email protected] https://www.debian.org/lts/security/...
PT-2025-17308 · Unknown · Namelessmc
Name of the Vulnerable Software and Affected Versions: NamelessMC versions 2.1.4 and prior Description: The issue concerns a lack of length validation for the s parameter in GET requests for the forum search functionality, allowing attackers to submit excessively long search queries. This can lea...
SUSE-SU-2024:1788-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2023-38709: Fixed faulty input validation inside the HTTP response splitting code bsc1222330. - CVE-2024-24795: Fixed handling of malicious HTTP splitting response headers in multiple modules bsc1222332. - CVE-2024-27316: Fixed HTTP/2...
Unbounded loop on array can lead to DoS
Handle robee Vulnerability details The attacker can push unlimitedly to an array that some function loops over. If the array size is increased enough, calling the function that loops over the array will always revert, since there is a gas limit. This is a High Risk issue since thos...
SUSE-SU-2021:1939-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2021-25292: Fixed a backtracking regex in PDF parser could be used as a DOS attack bsc1183101. - CVE-2021-25290: Fixed a negative-offset memcpy with an invalid size in TiffDecode.c bsc1183105. - CVE-2021-27922,CVE-2021-27923: Fixed...
[SECURITY] [DLA 393-1] srtp security update
Package : srtp Version : 1.4.4dfsg-6+deb6u2 CVE ID : CVE-2015-6360 Prevent potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length. Credit goes to Randell Jesup and the Firefox team for reporting this issue. As there is no aead mode available in th...
PHP-Nuke x.x SQL Injection
Hello, All PHP-Nuke versions, including the just released 6.0, are vulnerable to a very simple SQL injection that may lead to a basic DoS attack. For instance, if you create a short script, to send a few requests, I have tested with just 6 similar to this:...
WebShield SMTP infinite loop DoS Attack
Description: A DoS attack is very easy to implement on most WebShield SMTP setups. Sending E-mail with a "From: " address that includes a period after the domain name will cause an infinite loop using up resources until the server will finally crash. When restarted, the machine will continue to...
Bridging problems in FreeBSD
When bridging is enabled in FreeBSD in combination with packet filtering, the headers of an IP packet are not checked when it is passed to the packet filter, which makes DoS attacks possible...