
CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

A malicious BLE device can send a specific sequence of packets to cause a DoS attack on the victim BLE device • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-jmr9-xw2v-5vf4 • CWE-476: NULL Pointer Dereference •

CVSS: 8.8 • EPSS: 0% • CPEs: 9 • EXPL: 0

This bypasses isolation restrictions, significantly reducing the security of an affected compute host, and could enable arbitrary code execution, a denial of service, or leaking of secrets. • https://launchpad.net/bugs/2059809 https://www.openwall.com/lists/oss-security/2024/07/02/2 http://www.openwall.com/lists/oss-security/2024/07/02/2 https://security.openstack.org/ossa/OSSA-2024-001.html https://access.redhat.com/security/cve/CVE-2024-32498 https://bugzilla.redhat.com/show_bug.cgi?id=2278663 • CWE-400: Uncontrolled Resource Consumption CWE-552: Files or Directories Accessible to External Parties •

CVSS: 3.2 • EPSS: 0% • CPEs: - • EXPL: 0

This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack. • https://access.redhat.com/security/cve/CVE-2024-6126 https://bugzilla.redhat.com/show_bug.cgi?id=2292897 https://access.redhat.com/errata/RHSA-2024:9325 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9.5.5 fail to prevent specifying a RemoteId when creating a new user, which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken functionality in User Management, such as administrative actions against the user not working. • https://mattermost.com/security-updates • CWE-284: Improper Access Control •

CVSS: 4.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 4.10.35. • https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/class-premium-template-tags.php#L1676 https://plugins.trac.wordpress.org/changeset/3110991 https://www.wordfence.com/threat-intel/vulnerabilities/id/3c59d95a-b7f1-4a04-bbf4-bab2c42d6d75?source=cve • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •