Stack overflow

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack...

CVE-2021-38380

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack...

Live555 缓冲区错误漏洞

Live555 is a cross-platform C open source project that provides solutions for streaming media, which implements support for standard streaming media delivery protocols such as RTP/RTCP, RTSP, SIP, etc. A security vulnerability exists in Live555, which stems from improper handling of a large numbe...

Amazon Linux 2 : curl (ALAS-2021-1693)

The version of curl installed on the remote host is prior to 7.76.1-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1693 advisory. A flaw was found in libcurl from versions 7.29.0 through 7.71.1. An application that performs multiple requests with libcurl...

The vulnerability of the Moodle management system, related to uncontrolled recursion, allows a hacker to trigger a service failure.

The vulnerability of the Moodle administration system is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to perform a denial-of-service attack by creating a specially crafted URL address...

OESA-2021-1285 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash...

OpenSSL Multiple Vulnerabilities (20140605 - 1) - Windows

OpenSSL is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-22144

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

Design/Logic Flaw

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

CVE-2021-22144

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

UBUNTU-CVE-2021-22144

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

CVE-2021-22144

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

CVE-2021-22144

CVE-2021-22144 affects Elasticsearch Grok parser. The vulnerability is an uncontrolled recursion that enables a DoS via specially crafted Grok queries submitted by an authenticated user, potentially crashing the node. Affected versions are Elasticsearch before 7.13.3 and 6.8.17. Public references...

EulerOS Virtualization 3.0.2.2 : bind (EulerOS-SA-2021-2127)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Bind-utils contains a collection of utilities for querying DNS Domain Name System name servers to find out information about Intern...

CVE-2020-36429

VariantencodeJson in open62541 1.x before 1.0.4 has an out-of-bounds write for a large recursion depth...

CVE-2020-36429

VariantencodeJson in open62541 1.x before 1.0.4 has an out-of-bounds write for a large recursion depth...

open62541 缓冲区错误漏洞

open62541 is an application software. An open source and free implementation of OPC UA OPC Unified Architecture, written in a common subset of the C99 and C++98 languages. A security vulnerability exists in open62541 prior to 1.0.4, which stems from the fact that X has out-of-bounds writes for...

UBUNTU-CVE-2021-36773

uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service unbounded recursion that can trigger memory consumption and a loss of all blocking functionality...

uBlock 安全漏洞

uBlock is an open source ad blocker. There is a security vulnerability in uBlock Origin that allows a carefully crafted website to cause a denial of service infinite recursion can trigger memory consumption and loss of all blocking functionality...

SUSE: Security Advisory (SUSE-SU-2021:2320-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...