32 matches found
EUVD-2017-8332
Malware in sbrugna...
CVE-2021-47509
CVE-2021-47509 affects the Linux kernel ALSA: pcm: oss, where the period size could be exhaustively allocated due to an overly large 31-bit limit. The fix sets a practical period-size limit of 16 MB to prevent memory exhaustion from temporary OSS buffers. This remediation is reflected in multiple...
CVE-2021-47509 ALSA: pcm: oss: Limit the period size to 16MB
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Limit the period size to 16MB. Set the practical limit to the period size (the fragment shift in OSS) instead of a full 31bit; a too large value could lead to the exhaust of memory as we allocate temporary buffers of...
CentOS 9 : libcap-2.48-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libcap-2.48-9.el9 build changelog. - A vulnerability was found in the pthread_create function in libcap. This issue may allow a malicious actor to cause __real_pthread_create to...
MikroTik RouterOS Allocation of Resources Without Limits or Throttling (CVE-2019-13074)
A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management. This plugin only works with Tenable.ot. Please visit...
Denial Of Service
gitlab:sid is vulnerable to Denial of Service. The vulnerability is due to the ability to point a CI/CD Component to an incorrect path, causing the server to exhaust all available memory through an infinite loop. It allows an attacker to cause Denial of Service...
CVE-2023-45142
A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server's memory by sending many malicious requests, affecting the availability. Mitigation: as a workaround to stop being affected, otelhttp.WithFilter can be used...
EulerOS 2.0 SP11 : containerd (EulerOS-SA-2023-1580)
According to the versions of the containerd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the hos...
EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2023-1521)
According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the...
Denial Of Service (DoS)
github.com/cri-o/cri-o is vulnerable to denial of service. The vulnerability exists when the output of the command is large, causing memory exhaustion and an application crash...
Memory Leak Vulnerability in Huawei Products (huawei-sa-20211208-01-memleak)
There is a memory leak vulnerability in Huawei products.
github.com/pires/go-proxyproto denial of service vulnerability
The package github.com/pires/go-proxyproto before 0.5.0 is vulnerable to Denial of Service (DoS) via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...
CVE-2020-1815
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while...
Memory corruption
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while...
Denial Of Service (DoS)
apostrophe is vulnerable to denial of service (DoS). It does not limit a user with login privileges from initiating multiple batch job requests, eventually exhausting available memory by submitting thousands of batch job requests...
rust-protobuf out-of-memory vulnerability
rust-protobuf is a Rust implementation of the Google protocol buffer. An out-of-memory vulnerability exists in rust-protobuf versions prior to 2.6.0. An attacker can exploit this vulnerability to exhaust all memory via the Vec::reserve call...
Information disclosure
A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management...
openSUSE Security Update : cronie (openSUSE-2019-1520)
This update for cronie fixes the following issues. Security issues fixed: - CVE-2019-9704: Fixed an insufficient check in the return value of calloc which could allow a local user to create Denial of Service by crashing the daemon (bsc#1128937). - CVE-2019-9705: Fixed an implementation vulnerabili...
CVE-2018-17159
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. Unprivileged remote users with access to the NFS server can cause a resource exhaustion by forcing the server to allocate an arbitrarily large memory allocation...