175 matches found
CVE-2024-52798
CVE-2024-52798 concerns the path-to-regexp library. The DoS arises when path-to-regexp outputs regex patterns that backtrack, enabling high CPU/blocked event loop in vulnerable inputs. Public sources reference the 0.1.x line as the origin and recommend upgrading specifically to 0.1.12; later advi...
Fedora 41 : webkitgtk (2024-472d01833c)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-472d01833c advisory. Improve memory consumption and performance of Canvas getImageData. Fix preserve-3D intersection rendering. Fix video dimensions since GStreamer...
kernel: dpll: fix possible deadlock during netlink dump operation
A vulnerability was found in the Linux kernel, where an ABBA deadlock condition may be created if multiple CPUs attempt a DPLL netlink dump operation simultaneously. This deadlock could lead to performance issues...
EulerOS Virtualization 2.12.0 : bind (EulerOS-SA-2024-2765)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential performance issue caused by failure to reschedule during an overflow refresh...
CVE-2024-47187 Suricata datasets: missing hashtable random seed leads to potential DoS
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to us...
MGASA-2024-0333 Updated unbound packages fix security vulnerabilities
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...
Performance issues with Intel GPUs and Citrix Workspace App
Customers using the Citrix Workspace App with Intel Arc GPUs and Intel GPU driver version 4824 could experience performance issues and lag The performance issues are present in Intel Arc A-series GPUs and Intel Core Ultra with built-in Arc GPUs, for example: Intel Arc A-Series Graphics Intel Arc...
Important: bind
Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...
kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index
A vulnerability was found in the Linux kernel's memory management subsystem. The wakeupkswapd function was called with an incorrect zone index. This error could disrupt the proper functioning of memory management, potentially leading to system instability or performance issues...
Low: Red Hat Bug Fix Advisory: kernel bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 9. The kernel packages contain the Linux kernel, the core of any Linux operating system. Bug Fixes: DELL 9.4 BUG - Screen shows garbage sometimes rhel-9.4.z JIRA:RHEL-36534 cifs - Unable to mount CIFS shares after upgrading to...
PT-2024-14409 · Unknown · Wallpaper Service Module
Name of the Vulnerable Software and Affected Versions: Wallpaper service module affected versions not specified Description: The issue is related to an unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perfo...
Citrix Provisioning Target Poor Performance And Slow Boot
Target Devices appear to boot slowly and hang or remain stuck at a black screen shortly after power on. Other devices that are up and running can be found frozen. These machines might be found "unregistered" in Studio and you cannot RDP or console into them. PVS servers may be reporting DB Offlin...
SUSE-SU-2023:4471-1 Security update for go1.21
This update for go1.21 fixes the following issues: go1.21.4 released 2023-11-07 includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. security: fix CVE-2023-45283 CVE-2023-45284...
Denial Of Service (DoS)
firefox is vulnerable to Denial of Service DoS. A malicious user is able to leverage the vulnerability to cause peformance issues which will result in denial of service conditions because the drivers are not always robust to extremely large draw calls...
Denial Of Service (DoS)
firefox is vulnerable to Denial of Service DoS. A malicious user is able to leverage the vulnerability to cause peformance issues which will result in denial of service conditions during garbage collection...
SUSE-SU-2023:4176-1 Security update for ruby2.5
This update for ruby2.5 fixes the following issues: - CVE-2023-28755: Fixed a ReDoS vulnerability in URI. bsc1209891 - CVE-2023-28756: Fixed an expensive regexp in the RFC2822 time parser. bsc1209967 - CVE-2021-41817: Fixed a Regular Expression Denial of Service Vulnerability of Date Parsing...
Denial Of Service (DoS)
gitlab is vulnerable to Denial of Service DoS. A malicious user is able to leverage the vulnerability to cause peformance issues which will result in denial of service conditions...
yaraQA - YARA Rule Analyzer To Improve Rule Quality And Performance
YARA rule Analyzer to improve rule quality and performance Why? YARA rules can be syntactically correct but still dysfunctional. yaraQA tries to find and report these issues to the author or maintainer of a YARA rule set. The issues yaraQA tries to detect are e.g.: rules that are syntactically...
SUSE-SU-2023:2603-1 Security update for rustup
This update for rustup fixes the following issues: - CVE-2022-31394: Fixed possible HTTP2 attacks by specifying the HTTP/2 SETTINGSMAXHEADERLISTSIZE bsc1208552. - CVE-2023-26964: Fixed high memory and CPU usage when stream stacking occurs when H2 processes HTTP2 RSTSTREAM frames bsc1210345...