72 matches found
CVE-2024-21983
StorageGRID formerly StorageGRID Webscale versions prior to 11.8 are susceptible to a Denial of Service DoS vulnerability. Successful exploit by an authenticated attacker could lead to an out of memory condition or node reboot...
CVE-2024-5695
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox 127...
CVE-2020-5933
On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger a...
CVE-2025-37989
Technical details about CVE-2025-37989 are not publicly provided in the connected documents. Monitor for updates from official advisories; the current sources do not reveal affected products, versions, impact, or fixes beyond the description.
CVE-2022-24756
Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director = 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory. An attacker that i...
CVE-2024-11523 IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...
freeglut: memory leak via glutAddMenuEntry() function
A memory leak flaw was found in the glutAddMenuEntry function of freeglut, an open-source alternative to the OpenGL Utility Toolkit. This issue may allow an attacker to launch a denial of service attack by crashing or hanging the program or take advantage of other unexpected program behavior...
Amazon Linux 2 : firefox (ALASFIREFOX-2024-024)
The version of firefox installed on the remote host is prior to 115.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-024 advisory. An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript...
Important: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
Mozilla Firefox Denial of Service Vulnerability (CNVD-2024-36732)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a denial of service vulnerability that stems from an out-of-memory condition during object initialization that may result in an empty shape list. An attacker can exploit th...
CVE-2024-3860
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox 125...
Important: Red Hat Security Advisory: bind and bind-dyndb-ldap security updates
Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
bind security update
bind 32:9.16.23-14.4 - Rebuild with correct z-stream tag again 32:9.16.23-14.3 - Rebuild together with bind-dyndb-ldap to adjust ABI changes 32:9.16.23-14.2 - Import tests for large DNS messages fix - Add downstream change complementing CVE-2023-50387 32:9.16.23-14.1 - Prevent increased CPU load ...
BIT-TENSORFLOW-2022-21733 Memory exhaustion in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
Fedora 39 : perl-Spreadsheet-ParseXLSX (2024-5f136f5d10)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5f136f5d10 advisory. Update to latest version Security fix for CVE-2024-22368 Tenable has extracted the preceding description block directly from the Fedora security...
CVE-2024-24259
A memory leak flaw was found in the glutAddMenuEntry function of freeglut, an open-source alternative to the OpenGL Utility Toolkit. This issue may allow an attacker to launch a denial of service attack by crashing or hanging the program or take advantage of other unexpected program behavior...
CVE-2023-6516 Specific recursive query patterns may lead to an out-of-memory condition
To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...
Denial Of Service (DoS)
github.com/openfga/openfga is vulnerable to Denial Of Service DoS. The vulnerability is due to inefficient memory management in the ListObjects function, particularly in handling the closure of the ReverseExpand channel, resulting in memory being improperly released. This flaw allows an attacker ...
openSUSE 15 Security Update : perl-Spreadsheet-ParseXLSX (openSUSE-SU-2024:0021-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2024:0021-1 advisory. - The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs...
CVE-2024-22368
The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells...