Security Bulletin: IBM Cognos BI 8.4 Partial Denial of Service Vulnerability
Abstract A malicious IBM Cognos BI 8.4 user is able to send a crafted request to the Cognos server which triggers high CPU utilization that may cause a partial denial of service condition due to CPU consumption. This vulnerability can only be exploited by authenticated users, and is not applicabl...
EulerOS Virtualization 2.9.0 : libdb (EulerOS-SA-2022-2386)
According to the versions of the libdb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to...
mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of th...
mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
PT-2022-34469 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.291 Description: The issue concerns the ext4 filesystem in the Linux Kernel, specifically with avoiding resizing to a partial cluster size. The actual impact and attack plausibility have not yet been prove...
PT-2022-34027 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.138 Description: The issue concerns the ext4 file system, specifically avoiding resizing to a partial cluster size. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2022-34357 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.256 Description: The issue concerns the ext4 filesystem, specifically avoiding resizing to a partial cluster size. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
GSD-2022-1005082 ext4: avoid resizing to a partial cluster size
ext4: avoid resizing to a partial cluster size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...
PT-2022-33340 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue concerns the ext4 filesystem in the Linux Kernel, specifically with avoiding resizing to a partial cluster size. The actual impact and attack plausibility have not yet been proven...
Bento4 Buffer Error Vulnerability
Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 version 1.6.0-639, which stems from its AP4ByteStream::Write and AP4HdlrAtom::WriteFields components calling the System/StdC/Ap4StdCFileByteStream.cpp component's AP4...
PT-2022-25384 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: A buffer overflow issue exists in the AP4_MemoryByteStream::WritePartial function in mp42aac, which can be exploited by attackers to cause a denial of service. This can be achieved by providing a crafted...
Huawei EulerOS: Security Advisory for libdb (EulerOS-SA-2022-2323)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2022-24782 · Siemens · Ruggedcom M2100 +62
Name of the Vulnerable Software and Affected Versions: Affected software and versions not specified Description: The issue is related to the improper handling of partial HTTP requests, making devices susceptible to slowloris attacks. This could...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.20.4.5)
The version of AOS installed on the remote host is prior to 5.20.4.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.20.4.5 advisory. - If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache...
CVE-2021-4040
A flaw was found in AMQ Broker. This issue can cause a partial interruption to the availability of AMQ Broker via an Out of memory OOM condition. This flaw allows an attacker to partially disrupt availability to the broker through a sustained attack of maliciously crafted messages. The highest...
Important: java-1.8.0-openjdk
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Tivoli Storage Productivity Center July 2014 CPU
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details The following advisories are included in the IBM® SDK Java™...
Venice vulnerable to Partial Path Traversal issue within the functions `load-file` and `load-resource`
Impact A partial path traversal issue exists within the functions load-file and load-resource. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the load paths: "/Users/foo/resources" When passing relative paths to these two vulnerabl...
GHSA-4MMH-5VW7-RGVJ Venice vulnerable to Partial Path Traversal issue within the functions `load-file` and `load-resource`
Impact A partial path traversal issue exists within the functions load-file and load-resource. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the load paths: "/Users/foo/resources" When passing relative paths to these two vulnerabl...