EulerOS Virtualization 2.9.1 : shim (EulerOS-SA-2023-3095)
According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate...
PT-2024-1576
Name of the Vulnerable Software and Affected Versions: OpenSSL versions 3.0 through 3.1. Description: The issue is related to the function EVP_PKEY_public_check in the OpenSSL library, which can lead to a Denial of Service (DoS) attack when checking excessively long invalid RSA public keys. This can...
CVE-2023-34061
Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment...
CVE-2023-34061
CVE-2023-34061 affects Cloud Foundry routing_release versions 0.163.0 through 0.283.0 (and CF Deployment up to 0.33.5, per advisory) where an unauthenticated attacker can trigger route pruning, causing denial of service and degraded availability. The issue is due to a vulnerability in the Goroute...
CVE-2023-34061 – Gorouter route pruning
Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment...
CVE-2024-22027
Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to perform a Denial of Service (DoS) attack against external services...
CVE-2024-22027
CVE-2024-22027 affects the WordPress Quiz Maker Plugin predating version 6.5.0.6. The issue is an improper input validation (CWE-20) that enables a remote authenticated attacker to trigger a Denial of Service against external services. Affected software: WordPress Quiz Maker Plugin, prior to 6.5....
JVN#37326856: Improper input validation vulnerability in WordPress Plugin "WordPress Quiz Maker Plugin"
WordPress Plugin "WordPress Quiz Maker Plugin" provided by AYS Pro Plugins contains an improper input validation vulnerability (CWE-20). Impact: A user of the product may use the product to perform a Denial of Service (DoS) attack against external services. Solution: Update the plugin. Update the plugin...
Design/Logic Flaw
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request...
CVE-2023-48266
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request...
CVE-2023-48264
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request...
CVE-2023-48264
CVE-2023-48264 affects the Bosch Nexo cordless nutrunner family. Connected sources describe an unauthenticated remote attacker exploiting a stack-buffer overflow via a crafted network request, causing DoS and potentially remote code execution. The issue is tied to Bosch’s Nexo line (including...
Oracle Linux 8 : python3 (ELSA-2024-0114)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0114 advisory. - Security fix for CVE-2022-48560. Resolves: rhbz2249755. Tenable has extracted the preceding description block directly from the Oracle Linux security...
CentOS 8 : python3 (CESA-2024:0114)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0114 advisory. - A use-after-free exists in Python through 3.9 via heappushpop in heapq. (CVE-2022-48560) - readints in plistlib.py in Python through 3.9.1 is vulnerabl...
Important: squid
Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug, Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no know...