Page 32 of 38324 results (0.201 seconds)

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

Bitcoin Core before 25.0 allows remote attackers to cause a denial of service (blocktxn message-handling assertion and node exit) by including transactions in a blocktxn message that are not committed to in a block's merkle root. • https://bitcoincore.org/en/2024/10/08/disclose-blocktxn-crash https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-25.0.md https://github.com/bitcoin/bitcoin/pull/26898 https://github.com/bitcoin/bitcoin/releases/tag/v25.0 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.7EPSS: 0%CPEs: 14EXPL: 0

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specific BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with BGP traceoptions enabled and requires a BGP session to be already established.  • https://supportportal.juniper.net/JSA88102 https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/statement/traceoptions-edit-protocols-bgp.html • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 8.7EPSS: 0%CPEs: 12EXPL: 0

An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with BGP traceoptions enabled. ... An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems configured in either of two ways: * systems with BGP traceoptions enabled * systems with BGP traffic engineering configured This issue can affect iBGP and eBGP with any address family configured.  • https://supportportal.juniper.net/JSA88100 https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/statement/traceoptions-edit-protocols-bgp.html • CWE-125: Out-of-bounds Read •

CVSS: 8.7EPSS: 0%CPEs: 12EXPL: 0

An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. In some cases, rpd fails to restart requiring a manual restart via the 'restart routing' CLI command. This issue only affects systems with BGP traceoptions enabled and requires a BGP session to be already established. • https://supportportal.juniper.net/JSA88099 https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/statement/traceoptions-edit-protocols-bgp.html • CWE-1288: Improper Validation of Consistency within Input •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

Overall the impact of this issue is that this is a denial-of-service vector where a malicious WebAssembly module or component can cause the host to crash. There is no other impact at this time other than availability of a service as the result of the crash is always a crash and no more. • https://docs.rs/wasmtime/latest/wasmtime/struct.Config.html#method.wasm_tail_call https://github.com/WebAssembly/proposals https://github.com/bytecodealliance/wasmtime/pull/8540 https://github.com/bytecodealliance/wasmtime/pull/8682 https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-q8hx-mm92-4wvg https://github.com/webassembly/tail-call • CWE-670: Always-Incorrect Control Flow Implementation •