IBM Db2 Denial of Service Vulnerability (CNVD-2024-36740)

IBM Db2 is a high-performance relational database management system RDBMS developed by IBM and designed to handle large amounts of data and complex business needs. A denial of service vulnerability exists in IBM Db2 in versions 11.1 and 11.5. The vulnerability arises due to improper memory...

The vulnerability of the Daemon Routing Protocols (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause service interruptions.

The vulnerability of the Daemon Routing Protocols RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS on SRX Series devices allows a hacker to cause a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in Juniper Networks’ Junos OS on SRX Series devices is related to the use of uncontrolled format strings. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of Banzai Pipeline, a software platform based on Git for collaborative code development on GitLab, allows a hacker to trigger a service failure.

The vulnerability of Banzai Pipeline, a software platform based on Git for collaborative code development on GitLab, is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the bmp_decompress_rle4() function in the MuPDF PDF viewer software, which allows a hacker to trigger a service failure.

The vulnerability of the bmpdecompressrle4 function in the MuPDF PDF viewer software is related to division by zero. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability in the web interface of the LoLLMS WebUI system, which is used for launching and managing large language models in LoLLMS (Lord of Large Language Multimodal Systems), involves an uncontrolled resource consumption. This allows a malicious user to cause a service failure.

The vulnerability in the LoLLMS WebUI web interface, which is used to launch and manage large language models in LoLLMS Lord of Large Language Multimodal Systems, involves an uncontrolled resource consumption during the processing of the end-point opencodeinvscode. Exploiting this vulnerability...

The vulnerability of the fz_new_pixmap_from_float_data() function in the MuPDF PDF viewer software, which allows a hacker to trigger a service failure.

The vulnerability of the fznewpixmapfromfloatdata function in the MuPDF PDF viewer software is related to division by zero. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service interruptions by sending specially created adoc...

The vulnerability of the gf_fwrite component in the GPAC multimedia platform allows a hacker to cause a service failure.

The vulnerability of the gffwrite component in the GPAC multimedia platform is related to buffer overflow attacks. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the mp3_dmx_process() function on the GPAC multimedia platform allows a hacker to cause a service failure.

The vulnerability of the mp3dmxprocess function on the GPAC multimedia platform is related to buffer overflow attacks. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of Elasticsearch’ search engine, a software platform based on Git for collaborative code development on GitLab, allows a hacker to trigger a service failure.

The vulnerability of Elasticsearch, a software platform based on Git for collaborative code development on GitLab, is related to an uncontrolled resource consumption during the processing of search results. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the ManageEngine ADSelfService Plus software for password reset functions, due to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the ManageEngine ADSelfService Plus password reset software is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

DEBIAN-CVE-2024-41081

In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ilaoutput As explained in commit 1378817486d6 "tipc: block BH before using dstcache", net/core/dstcache.c helpers need to be called with BH disabled. ilaoutput is called from lwtunneloutput possibly from process...

The vulnerability of the libvpx video encoding/decoding library, related to buffer overflows in the queue mechanism, allows attackers to trigger service failures or cause other adverse effects.

The vulnerability of the libvpx video encoding/decoding library is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service interruptions or other adverse effects...

The vulnerability of the Control Protocol Director (l2cpd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Control Protocol Director l2cpd in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to improper handling of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the SCADA system MasterSCADA 4D, related to errors in processing input data, allows a intruder to trigger a service failure.

The vulnerability of the SCADA system MasterSCADA 4D is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to a validation error in the input data received from the web server. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability of the VMware Cloud Director platform, related to deficiencies in access control, allows a attacker to trigger a service failure.

The vulnerability of the VMware Cloud Director platform relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to buffer overflow attacks, which allow attackers to cause system failures.

The vulnerability of the software for processing, transforming, and generating Ghostscript documents is related to buffer overflows during the processing of the PDFPassword parameter. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...