EUVD-2022-55941

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthenticated attackers to send ICMP signals to arbitrary hosts through network command scripts. Attackers can abuse ping.php, traceroute.php, and dns.php to generate network flooding attacks targeting...

EUVD-2000-0967

Malware in sbrugna...

RepuNet: a Reputation System for Mitigating Malicious Clients in DFL

Decentralized Federated Learning DFL enables nodes to collaboratively train models without a central server, introducing new vulnerabilities since each node independently selects peers for model aggregation. Malicious nodes may exploit this autonomy by sending corrupted models model poisoning,...

A Virtual Cybersecurity Department for Securing Digital Twins in Water Distribution Systems

Digital twins DTs help improve real-time monitoring and decision-making in water distribution systems. However, their connectivity makes them easy targets for cyberattacks such as scanning, denial-of-service DoS, and unauthorized access. Small and medium-sized enterprises SMEs that manage these...

Virtuozzo Hybrid Infrastructure 6.3 Update 1 Hotfix 1 (6.3.1-106)

This update provides stability fixes. Vulnerability id: VSTOR-85873 Disks may be erroneously marked as ill. Vulnerability id: VSTOR-93149, VSTOR-100823 Improvements in the garbage collector. Vulnerability id: VSTOR-94512 Added the volume ID to LUN details. Vulnerability id: VSTOR-95095 Increased...

CVE-2021-38447 OCI OpenDDS Secure Amplification

OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition...

UBUNTU-CVE-2019-15753

In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet flooding of non-local destinations, which both impedes network performance and allows users to possibly view the content of packets for instance...

Bitcoin Core Software Patches a Critical DDoS Attack Vulnerability

The Bitcoin Core development team has released an important update to patch a major DDoS vulnerability in its underlying software that could have been fatal to the Bitcoin Network, which is usually known as the most hack-proof and secure blockchain. The DDoS vulnerability, identified as...

ICMPv6 Router Announcement flooding denial of service affecting multiple systems

This security advisory is released because Microsoft doesnt want to fix the issue. Cisco did for its IOS and ASA within 3 months. Title: ICMPv6 Router Announcement flooding denial of service affecting multiple systems Date: 05 April 2011 URL:...

Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities Advisory ID: cisco-sa-20091014-cup Revision 1.0 For Public Release 2009 October 14 1600 UTC GMT +---------------------------------------------------------------------...

MTA Open Mail Relaying Allowed (thorough test)

Nessus has detected that the remote SMTP server is insufficiently protected against mail relaying. This issue allows any spammer to use your mail server to send their mail to the world, thus flooding your network bandwidth and possibly getting your mail server blacklisted. C Tenable Network...

ID Software Quake 3 - 'SMURF' Denial of Service

// source: https://www.securityfocus.com/bid/3060/info Quake 3 network play features contain a remotely exploitable denial of service vulnerability. A hostile client program can be used by to generate a large number of forged client queries on behalf of a target user. The server's responses flood...