CVE-2024-53299

The request handling in the core in Apache Wicket 7.0.0 on any platform allows an attacker to create a DOS via multiple requests to server resources. Users are recommended to upgrade to versions 9.19.0 or 10.3.0, which fixes this issue...

Ivanti Sentry 命令注入漏洞

Ivanti Sentry is an in-line gateway from Ivanti USA, Inc. It is used to manage, encrypt and protect traffic between mobile devices and back-end enterprise systems. A security vulnerability exists in Ivanti Sentry versions prior to 9.19.0. An attacker exploiting this vulnerability could execute...

ALPINE-CVE-2023-5679

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

UBUNTU-CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...