182 matches found
UBUNTU-CVE-2022-49152
In the Linux kernel, the following vulnerability has been resolved: XArray: Fix xascreaterange when multi-order entry present If there is already an entry present that is of order = XACHUNKSHIFT when we call xascreaterange, xascreaterange will misinterpret that entry as a node and dereference...
Go Ethereum vulnerable to DoS via malicious p2p message
Impact A vulnerable node can be forced to shutdown/crash using a specially crafted message. During the peer-to-peer connection handshake, a shared secret key is computed. The implementation did not verify whether the EC public key provided by the remote party is a valid point on the secp256k1...
CVE-2025-24883
go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.14.13...
Go Ethereum 安全漏洞
Go Ethereum is an official Go implementation of the Ethernet protocol for the Ethereum community. A security vulnerability exists in Go Ethereum versions prior to 1.14.0 through 1.14.13, which stems from the fact that vulnerable nodes can force a shutdown/crash using a specially crafted message...
PT-2024-35488 · Unknown · Bitcoin Core
Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 0.20.0 Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, by sending a malformed GETDATA message. This can lead to a node crash. Recommendations: For...
SUSE CVE-2024-38355
Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit 15af22fc22 which has been included in...
GHSA-25HC-QCG6-38WJ socket.io has an unhandled 'error' event
Impact A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. node:events:502 throw err; // Unhandled 'error' event ^ Error ERRUNHANDLEDERROR: Unhandled error. undefined at new NodeError node:internal/errors:405:5 at...
BIT-ELASTICSEARCH-2024-23450 Elasticsearch Uncontrolled Resource Consumption vulnerability
A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...
CVE-2024-30676
The connected PT-2024-23559 entry identifies a Denial-of-Service flaw in ROS2 Iron Irwini, where ROS2 nodes can be remotely crashed (DoS) by a malicious user, disrupting system operation. Affected setup specifies ROS VERSION 2 with ROS PYTHON VERSION 3. Until a patch is available, the recommendat...
SUSE CVE-2024-23449
An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...
UBUNTU-CVE-2024-23449
An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...
GHSA-W5GG-2Q56-6H4F Elasticsearch Uncontrolled Resource Consumption vulnerability
A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...
Elasticsearch Uncontrolled Resource Consumption vulnerability
A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...
CVE-2024-23450
A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...
UBUNTU-CVE-2024-23450
A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...
CVE-2024-23450 Elasticsearch Uncontrolled Resource Consumption vulnerability
A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...
Elasticsearch 安全漏洞
Elasticsearch is a search engine based on the Lucene library. A security vulnerability exists in Elasticsearch versions prior to 7.17.19 and prior to 8.13.0, which stems from the fact that processing a document in a deeply nested pipeline on an ingest node may cause an Elasticsearch node to crash...
BIT-ELASTICSEARCH-2023-46673
It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...
mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service...
Denial Of Service (DoS)
elasticsearch is vulnerable to Denial Of Service DoS. The vulnerability is caused due to a lack of exception handling while calling the simulate pipeline API. The script processor of an ingest pipeline fails to handle malformed scripts. This can lead to an elastic node crash and ultimately deny...