1889 matches found
Design/Logic Flaw
In a Segment Routing ISIS SR-ISIS/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon RPD crash and restart,...
CVE-2021-0287
CVE-2021-0287 affects Juniper Networks Junos OS and Junos OS Evolved in SR-ISIS/MPLS with ISIS Flexible Algorithm and sensor-based statistics. A flap of an ISIS link can crash and restart the RPD, causing Denial of Service (DoS). Affected versions include Junos OS: 19.4 prior to 19.4R1-S4 and 19....
Segment is-email input validation error vulnerability
is-email is an application used to validate email addresses. Segment is-email is vulnerable due to a ReDoS regular expression denial of service flaw discovered in Node.js prior to Segment is-email package 1.0.1. An attacker could exploit this flaw to cause the application to consume excessive CPU...
CVE-2021-36716
A ReDoS regular expression denial of service flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmailinput function may cause an application to consume an excessive amount of CPU...
CVE-2021-36716
A ReDoS regular expression denial of service flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmailinput function may cause an application to consume an excessive amount of CPU...
Input validation
A ReDoS regular expression denial of service flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmailinput function may cause an application to consume an excessive amount of CPU...
CVE-2021-36716
A ReDoS regular expression denial of service flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmailinput function may cause an application to consume an excessive amount of CPU...
OSV-2021-962 Heap-use-after-free in Segment::write
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36050 Crash type: Heap-use-after-free READ 1 Crash state: Segment::write Doublewrite::writepages Doublewrite::flushtodisk...
Kaseya VSA 代码问题漏洞
Kaseya VSA is RMM Remote Monitoring and Management software commonly used by Managed Service Providers MSPs of Kaseya, Inc. in the United States to manage customer networks. A code issue vulnerability exists in Kaseya VSA versions prior to 9.5.6, which arises from a network system or product that...
The vulnerability of the MagickCore/segment.c component of the console-based image editing tool ImageMagick, related to division by zero, allows a hacker to cause a service failure.
The vulnerability of the MagickCore/segment.c component in the console-based image editing tool ImageMagick is related to division by zero. Exploiting this vulnerability allows a remote attacker to cause a service failure using a specially created file...
Code injection
Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based...
CVE-2020-8299
Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based...
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP Edition appliance Security Update
Multiple vulnerabilities have been discovered in Citrix ADCformerly known as NetScaler ADC, Citrix Gateway formerly known as NetScaler Gateway, and Citrix SD-WAN WANOP Edition appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited,could result in the followin...
CVE-2020-18395
Consolidated details from NVD, Red Hat, CNVD, PRION, and CVE lists confirm CVE-2020-18395 affects Gama 2.04 . The vulnerability is a NULL-pointer dereference in GNU_gama::set() within ellipsoid.h, which can cause a denial of service via segmentation faults when processing crafted inputs. Public r...
Oracle Linux 8 : gssdp / and / gupnp (ELSA-2021-1789)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1789 advisory. gssdp 1.0.5-1 + gssdp-1.0.5-1 - Update to 1.0.5 - Fix SUBSCRIBE misbehaviour - Resolves: 1861928 gupnp 1.0.6-1 + gupnp-1.0.6-1 - Update to 1.0.6 - Fix SUBSCRIBE...
GHSA-JHQ9-WM9M-CF89 CHECK-failure in `UnsortedSegmentJoin`
Impact An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin: python import tensorflow as tf inputs = tf.constant, dtype=tf.string segmentids = tf.constant, dtype=tf.int32 numsegments = tf.constant, dtype=tf.int32 separator = ''...
CVE-2021-20719
RFNTPS firmware versions System01000004 and earlier, and Web01000004 and earlier allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors...
CVE-2021-20719
RFNTPS firmware versions System01000004 and earlier, and Web01000004 and earlier allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors...
PYSEC-2021-189
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...
PYSEC-2021-480
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...