Suricata security breach

Suricata is a suite of network intrusion detection systems IDS, intrusion prevention systems IPS, and network security monitoring engines developed by the Open Information Security Foundation OISF and its supporting vendors, which supports multi-threading, built-in IPv6, and the ability to load...

Scrapy vulnerable to ReDoS via XMLFeedSpider

Impact The following parts of the Scrapy API were found to be vulnerable to a ReDoS attack: - The XMLFeedSpider class or any subclass that uses the default node iterator: iternodes, as well as direct uses of the scrapy.utils.iterators.xmliter function. - Scrapy 2.6.0 to 2.11.0: The openinbrowser...

CVE-2024-21789

When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 BIG-IP Security Vulnerabilities

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A security vulnerability exists in F5 BIG-IP that originates when configuring BIG-IP ASM/Advanced WAF security policy on a virtual server, whe...

PT-2024-19057

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions affected versions not specified Description When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Recommendations At the...

Advisory ROSA-SA-2024-2332

Software: glibc 2.28 OS: ROSA Virtualization 2.1 packageevrstring: glibc-2.28-225.rv3.src.rpm CVE-ID: CVE-2023-4527 BDU-ID: 2023-06332 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the getaddrinfo function of the glibc system library is related to reading data outside of buffer boundaries in...

python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument

A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...

Linux 5.6 io_uring Cred Refcount Overflow Exploit

Linux versions 5.6 and above appear to suffer from a cred refcount overflow when handling approximately 39 gigabytes of memory usage via iouring. Linux =5.6: cred refcount overflow at 39 GiB memory usage via iouring see also my related prior bug reports about overflowing refcounts with lots of RA...

Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS)

An attacker with an HTTP/2 connection to an affected endpoint can send a steady stream of invalid frames to force the generation of reset frames on the victim endpoint. By closing their recv window, the attacker could then force these resets to be queued in an unbounded fashion, resulting in Out ...

EulerOS Virtualization 2.11.0 : libssh (EulerOS-SA-2023-2759)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated...

EulerOS Virtualization 2.9.0 : libssh (EulerOS-SA-2023-2985)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated...

OESA-2024-1074 containernetworking-plugins security update

The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resource...

CVE-2024-21611

A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Juniper Flow Monitoring jflow scenario route churn that...

Design/Logic Flaw

Nginx-UI is an online statistics for Server Indicators?? Monitor CPU usage, memory usage, load average, and disk usage in real-time. This issue may lead to information disclosure. By using DefaultQuery, the "desc" and "id" values are used as default values if the query parameters are not set. Thu...

SUSE CVE-2023-6476

A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

PT-2024-1246 · Microsoft +6 · Identity +6

Name of the Vulnerable Software and Affected Versions: Microsoft Identity versions prior to 5.7.0 Microsoft Identity versions prior to 6.34.0 Microsoft Identity versions prior to 7.1.2 Description: The issue is related to incorrect clearing or release of resources in the Microsoft Identity librar...

Ruby on Rails: DoS with crafted "Range" header

The vulnerability was discovered in the Active Storage component of Ruby on Rails. The vulnerability allowed an attacker to craft a "Range" header that could lead to a Denial of Service DoS attack. The attack was possible due to the lack of validation on overlapping ranges in the...

ROS-20231114-01

A vulnerability in the Blink Media component of the Google Chrome browser is related to memory usage after it has been after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the Blink Frames component of Goog...

ROS-20231114-02

Vulnerability of XIChangeDeviceProperty Xi/xiproperty.c and RRChangeOutputProperty functions randr/rrrproperty.c of X Window System Xorg-server is related to the possibility of writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker to cau...