EulerOS 2.0 SP9 : libssh (EulerOS-SA-2023-2586)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...

UBUNTU-CVE-2023-29408

The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height, and encoded size to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU...

Advisory ROSA-SA-2023-2207

software: kernel-5.10 5.10.184 WASP: ROSA-CHROME packageevrstring: kernel-5.10-generic-5.10.184-1.src.rpm CVE-ID: CVE-2023-34255 BDU-ID: 2023-02994 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xfsbtreelookupgetblock function of the Linux operating systems kernel is related to memory usage aft...

Advisory ROSA-SA-2023-2206

software: kernel-5.15 5.15.117 WASP: ROSA-CHROME packageevrstring: kernel-5.15-generic-5.15.117-1.src.rpm CVE-ID: CVE-2023-2124 BDU-ID: 2023-02529 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the XFS file system of the Linux operating system kernel is related to insufficient metadata control duri...

Cisco NX-OS Software Network Time Protocol Denial of Service (CVE-2019-1967)

A vulnerability in the Network Time Protocol NTP feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a dr...

EulerOS 2.0 SP10 : libssh (EulerOS-SA-2023-2358)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...

WEM Policy For Users Account to Restrict the CPU & Memory Usage

WEM Policy For Users Account to Restrict the CPU & Memory Usage. We need to some percentage CPU & Memory only to use the CPU & Memory where users are accessing the chrome browsers , etc applications in citrix...

Advisory ROSA-SA-2023-2184

Software: libwebp 1.0.0 OS: ROSA Virtualization 2.1 packageevrstring: libwebp-1.0.0.0-8.rv3.src.rpm CVE-ID: CVE-2020-36329 BDU-ID: 2021-03101 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libwebp library for WebP image encoding and decoding is related to memory usage after memory is freed...

Apache Any23 vulnerable to excessive memory usage

Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage...

GHSA-2GPR-J5VJ-WVH2 Apache Any23 vulnerable to excessive memory usage

Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage...

CVE-2023-34150

UNSUPPORTED WHEN ASSIGNED Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage...

CVE-2023-34150

UNSUPPORTED WHEN ASSIGNED Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage...

CVE-2023-34150 Apache Any23: Possible excessive allocation of resources reading input.

UNSUPPORTED WHEN ASSIGNED Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage...

CVE-2023-34150

CVE-2023-34150 affects Apache Any23 due to a flaw in TikaEncodingDetector that can cause excessive memory usage, potentially leading to denial of service. The vulnerability is documented across multiple sources (CVE records and related advisories), describing memory overuse as the primary impact....

CVE-2023-34150 Apache Any23: Possible excessive allocation of resources reading input.

UNSUPPORTED WHEN ASSIGNED Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage...

PT-2023-24695 · Apache · Apache Any23

Name of the Vulnerable Software and Affected Versions: Apache Any23 affected versions not specified Description: The use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

GHSA-JRM6-H9CQ-8GQW PyPDF2 quadratic runtime with malformed PDF missing xref marker

Impact An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. Patches https://github.com/py-pdf/pypdf/pull/808 Workarounds ...

ROS-20230616-02

Vulnerability in libavcodec/pthreadframe.c component of FFmpeg multimedia library is related to memory usage after it is freed when processing worker threads with hwaccel decoder. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

CVE-2023-2778

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing...

Design/Logic Flaw

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing...