Lucene search
+L

76 matches found

Github Security Blog
Github Security Blog
added 2024/08/27 7:55 p.m.36 views

CWA-2023-004: Excessive number of function parameters in compiled Wasm

A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract. This can lead to high memory usage, slowdowns, potentially a crash and can poison a lock in the VM, preventing any further interaction with contracts. For more information, see...

7AI score
Exploits0References5Affected Software2
GitLab Advisory Database
GitLab Advisory Database
added 2024/08/27 12:0 a.m.10 views

CWA-2023-004: Excessive number of function parameters in compiled Wasm

A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract. This can lead to high memory usage, slowdowns, potentially a crash and can poison a lock in the VM, preventing any further interaction with contracts. For more information, see...

7AI score
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/03/30 12:0 a.m.27 views

Fedora 39 : prometheus-podman-exporter (2024-a8a4ce2864)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-a8a4ce2864 advisory. release v1.11.0 ---- release v1.10.1 ---- release v1.10.0 Tenable has extracted the preceding description block directly from the Fedora security advisory...

4.3CVSS7AI score0.01956EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/11/08 2:26 p.m.11 views

rubygem-actionpack: Denial of Service in Action Dispatch

A flaw was found in the rubygem-actionpack. RubyGem's actionpack gem is vulnerable to a denial of service caused by a regular expression denial of service ReDoS flaw in the Action Dispatch module. By sending specially-crafted cookies with an XFORWARDEDHOST header, a remote attacker could exploit...

7.5CVSS6.7AI score0.01695EPSS
Exploits0References5
Snyk
Snyk
added 2023/10/10 5:16 p.m.3 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS resulting in a MsQuic server application or process crash. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...

7.5CVSS7.1AI score0.69494EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/07 12:0 a.m.24 views

Fedora 38 : clevis-pin-tpm2 / greetd / keyring-ima-signer / libkrun / etc (2023-cc21019773)

The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-cc21019773 advisory. Recent updates for the tokio, h2, and openssl crates addressed some potential or confirmed security or soundness issues: - tokio: RUSTSEC-2023-0005 - h2:...

7.5CVSS7.8AI score0.01121EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:6 a.m.5 views

SUSE CVE-2016-1978

Use-after-free vulnerability in the ssl3HandleECDHServerKeyExchange function in Mozilla Network Security Services NSS before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL 1 DHE or 2 ECD...

7.3CVSS9.3AI score0.02386EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.3 views

SUSE CVE-2017-13776

GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it...

5.3CVSS6.9AI score0.0237EPSS
Exploits1References5
Citrix
Citrix
added 2022/10/12 12:0 a.m.8 views

Alert || high memory usage - SDX

SDX high memory usage. Customer might see this on their device and might be receiving smtp alerts warning them of this...

7.1AI score
Exploits0
OSV
OSV
added 2022/03/31 10:1 a.m.7 views

OPENSUSE-SU-2022:0098-1 Security update for nextcloud

This update for nextcloud fixes the following issues: nextcloud was updated to 21.0.9: - CVE-2021-41239 CWE-200: user enumeration setting not obeyed in User Status API boo1196905 - CVE-2021-41241 CWE-863: groupfolders advanced permissions is not obeyed for subfolders boo1196908 - CVE-2021-41741...

5.3CVSS5.2AI score0.01115EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2021/11/16 2:44 p.m.93 views

CVE-2021-42114

A Rowhammer flaw was found in the latest DDR4 DRAM hardware chips. This flaw is different from the previously known attack CVE-2020-10255 by non-uniform patterns of memory access. These DDR4 DRAM hardware chips implement a Target Row Refresh TRR mitigation to prevent a Rowhammer flaw-induced bit...

9.3CVSS8.6AI score0.02889EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2021/05/06 8:15 p.m.2 views

CVE-2021-28665

Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service...

7.5CVSS5.4AI score0.0099EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/02/16 7:39 a.m.115 views

Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

4.3CVSS6.7AI score0.03758EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.45 views

RHEL 8 : java-1.8.0-ibm (RHSA-2021:0530)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0530 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

4.3CVSS6.8AI score0.03758EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.27 views

CentOS 8 : java-1.8.0-openjdk (CESA-2020:4347)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4347 advisory. - OpenJDK: High memory usage during deserialization of Proxy class with many interfaces Serialization, 8236862 CVE-2020-14779 - OpenJDK: Credentials se...

5.8CVSS6.4AI score0.03758EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.32 views

CentOS 8 : java-11-openjdk (CESA-2020:4305)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4305 advisory. - OpenJDK: High memory usage during deserialization of Proxy class with many interfaces Serialization, 8236862 CVE-2020-14779 - OpenJDK: Credentials se...

5.8CVSS6.4AI score0.03758EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2020/12/18 12:0 a.m.252 views

RHEL 7 : java-1.7.1-ibm (RHSA-2020:5586)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5586 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

4.3CVSS6.5AI score0.03758EPSS
Exploits0References13
OSV
OSV
added 2020/11/13 9:20 p.m.11 views

MGASA-2020-0418 Updated java-1.8.0-openjdk packages fix security vulnerabilities

High memory usage during deserialization of Proxy class with many interfaces. CVE-2020-14779 Credentials sent over unencrypted LDAP connection. CVE-2020-14781 Certificate blacklist bypass via alternate certificate encodings. CVE-2020-14782 Integer overflow leading to out-of-bounds access...

5.8CVSS5.5AI score0.03758EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2020/11/06 12:0 a.m.48 views

CentOS 7 : java-11-openjdk (RHSA-2020:4307)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4307 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE:...

5.8CVSS6.1AI score0.03758EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2020/11/06 12:0 a.m.85 views

CentOS 7 : java-1.8.0-openjdk (RHSA-2020:4350)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4350 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE:...

5.8CVSS6.1AI score0.03758EPSS
Exploits0References8
Rows per page
Query Builder