Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-0450 | 2024-05-07 | N/A | 6.2 MEDIUM | ||
An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive. | |||||
CVE-2021-38447 | 1 Objectcomputing | 1 Opendds | 2023-12-10 | 4.3 MEDIUM | 7.5 HIGH |
OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition. | |||||
CVE-2021-21359 | 1 Typo3 | 1 Typo3 | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.25, 10.4.14, 11.1.1 requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. This is fixed in versions 9.5.25, 10.4.14, 11.1.1. | |||||
CVE-2018-15492 | 1 Gemalto | 1 Sentinel License Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification. |