Page 33 of 38455 results (0.034 seconds)

CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This vulnerability is fixed in 3.6.0-rc2. • https://github.com/argoproj/argo-workflows/blob/ce7f9bfb9b45f009b3e85fabe5e6410de23c7c5f/workflow/metrics/metrics_k8s_request.go#L75 https://github.com/argoproj/argo-workflows/commit/524406451f4dfa57bf3371fb85becdb56a2b309a https://github.com/argoproj/argo-workflows/pull/13641 https://github.com/argoproj/argo-workflows/security/advisories/GHSA-ghjw-32xw-ffwr • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-1108: Excessive Reliance on Global Variables •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This bug is fixed in the default build configuration of Squid version 6.10. • https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj • CWE-20: Improper Input Validation •

CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0

TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. • https://github.com/TYPO3/typo3/security/advisories/GHSA-ffcv-v6pw-qhrp https://typo3.org/security/advisory/typo3-core-sa-2024-011 https://www.mgm-sp.com/cve/denial-of-service-in-typo3-bookmark-toolbar •

CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0

A crash can be triggered in the XML_ResumeParser function due to XML_StopParser's ability to stop or suspend an unstarted parser, which can lead to a denial of service. • https://github.com/libexpat/libexpat/pull/915 https://access.redhat.com/security/cve/CVE-2024-50602 https://bugzilla.redhat.com/show_bug.cgi?id=2321987 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 8.7EPSS: 0%CPEs: -EXPL: 0

All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no patches are available. • https://github.com/3rd-Eden/useragent/issues/167 https://securitylab.github.com/advisories/GHSL-2020-312-redos-useragent • CWE-1333: Inefficient Regular Expression Complexity •