CVE-2024-22164 – Denial of Service of an Investigation in Splunk Enterprise Security through Investigation attachments
https://notcve.org/view.php?id=CVE-2024-22164
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible. En las versiones de Splunk Enterprise Security (ES) inferiores a 7.1.2, un atacante puede utilizar archivos adjuntos de investigación para realizar una denegación de servicio (DoS) a la investigación. El endpoint del archivo adjunto no limita adecuadamente el tamaño de la solicitud, lo que permite que un atacante haga que la investigación se vuelva inaccesible. • https://advisory.splunk.com/advisories/SVD-2024-0101 https://research.splunk.com/application/bb85b25e-2d6b-4e39-bd27-50db42edcb8f • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-22165 – Denial of Service in Splunk Enterprise Security of the Investigations manager through Investigation creation
https://notcve.org/view.php?id=CVE-2024-22165
In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service (DoS). The malformed investigation prevents the generation and rendering of the Investigations manager until it is deleted.<br>The vulnerability requires an authenticated session and access to create an Investigation. It only affects the availability of the Investigations manager, but without the manager, the Investigations functionality becomes unusable for most users. En versiones de Splunk Enterprise Security (ES) inferiores a 7.1.2, un atacante puede crear una investigación con formato incorrecto para realizar una denegación de servicio (DoS). • https://advisory.splunk.com/advisories/SVD-2024-0102 https://research.splunk.com/application/7f6a07bd-82ef-46b8-8eba-802278abd00e • CWE-20: Improper Input Validation •
CVE-2018-11246
https://notcve.org/view.php?id=CVE-2018-11246
K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak. K7TSMngr.exe en K7Computing K7AntiVirus Premium versión 15.1.0.53, presenta una fuga de la memoria • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 https://www.k7computing.com • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2018-11010
https://notcve.org/view.php?id=CVE-2018-11010
A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. Se detectó un problema de desbordamiento del búfer en K7Computing K7AntiVirus Premium versión 15.01.00.53 • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 https://www.k7computing.com • CWE-787: Out-of-bounds Write •
CVE-2018-11005
https://notcve.org/view.php?id=CVE-2018-11005
A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. Se detectó un problema de pérdida de memoria en K7Computing K7AntiVirus Premium versión 15.01.00.53 • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 https://www.k7computing.com • CWE-125: Out-of-bounds Read •