3459 matches found
CVE-2024-21894
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of...
CVE-2024-21894
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of...
CVE-2024-21894
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of...
CVE-2024-21894
Ivanti Connect Secure and Ivanti Policy Secure are affected by CVE-2024-21894/CVE-2024-29205, a heap overflow in the IPSec/web component that can be exploited by an unauthenticated remote attacker to crash the service and, in certain conditions, may lead to arbitrary code execution. Affected vers...
CVE-2024-21894
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of...
CVE-2024-22052
A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack...
CVE-2024-22052
A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack...
CVE-2024-22053
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure 9.x 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory...
CVE-2024-22053
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure 9.x 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory...
CVE-2024-22052
A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack...
CVE-2024-22053
Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) are affected by CVE-2024-22053. A heap overflow in the IPSec component allows an unauthenticated attacker to send crafted requests that crash the service (DoS) and, in some cases, read contents from memory. The CVSS 3.1/3.0 im...
CVE-2024-22052
Technical details about CVE-2024-22052 are not publicly provided in the supplied documents. Monitor for updates from authoritative sources.
Ivanti Connect Secure 9.x / 22.x Multiple Vulnerabilities (CVE-2024-21894)
The Ivanti Connect Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by multiple vulnerabilities: - A heap overflow vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially...
Ivanti Policy Secure 9.x / 22.x Multiple Vulnerabilities (CVE-2024-21894)
The Ivanti Policy Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by multiple vulnerabilities: - A heap overflow vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially...
CVE-2023-33101
CVE-2023-33101 is a DoS affecting Qualcomm chipsets, triggered by processing a DL NAS TRANSPORT message with payload length 0. The CVSS 3.1 base score is 7.5 (Network, Low attack complexity, No privileges, No user interaction; Availability impact HIGH). Connected sources indicate the issue is add...
Medium: python-jwcrypto
Issue Overview: A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service DoS attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denia...
BIT-ARGO-CD-2024-21661 Argo CD Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service DoS attack, rendering the application inoperable and affecting all users. The issue...
CVE-2024-29904
CodeIgniter is a PHP full-stack web framework A vulnerability was found in the Language class that allowed DoS attacks. This vulnerability can be exploited by an attacker to consume a large amount of memory on the server. Upgrade to v4.4.7 or later...
RLSA-2024:1510 Important: nodejs:18 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks CVE-2024-22019 nodejs: vulnerable to timing variant of...
CVE-2024-30156
A flaw was found in the Varnish cache server, with HTTP/2 support enabled, that may allow a Denial of Service type of attack. A malicious actor can cause the server to run out of credits during the HTTP/2 connection control flow. As a consequence, the server will stop to properly process the acti...