Lucene search
+L

29 matches found

Vulnrichment
Vulnrichment
added 2024/10/16 6:58 p.m.17 views

CVE-2024-47188 Suricata http/byte-ranges: missing hashtable random seed leads to potential DoS

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to byte-range tracking having predictable hash table behavior. This can lead to an attacker...

7.5CVSS7AI score0.00283EPSS
Exploits0References2
OSV
OSV
added 2024/07/12 11:8 a.m.4 views

OESA-2024-1820 rubygem-rack security update

Rack provides a minimal, modular, and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a single...

7.5CVSS6.8AI score0.01617EPSS
Exploits1References3
OSV
OSV
added 2024/02/29 12:15 a.m.5 views

DEBIAN-CVE-2024-26141

Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the Rack::File middleware or the...

7.5CVSS6AI score0.01612EPSS
Exploits1References1
OSV
OSV
added 2024/02/29 12:15 a.m.4 views

UBUNTU-CVE-2024-26141

Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the Rack::File middleware or the...

7.5CVSS6.6AI score0.01612EPSS
Exploits1References7
Hacker One
Hacker One
added 2024/01/08 2:54 p.m.17 views

Ruby on Rails: DoS with crafted "Range" header

The vulnerability was discovered in the Active Storage component of Ruby on Rails. The vulnerability allowed an attacker to craft a "Range" header that could lead to a Denial of Service DoS attack. The attack was possible due to the lack of validation on overlapping ranges in the...

6.9AI score
Exploits0
Snyk
Snyk
added 2023/01/18 6:19 p.m.5 views

Regular Expression Denial of Service (ReDoS)

Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...

7.5CVSS6.8AI score0.01626EPSS
Exploits0References2
Wallarm Lab
Wallarm Lab
added 2018/02/20 7:6 p.m.70 views

Numbers game: Exploring IntegerOverflow vulnerability in a popular nginx web server.

By @aLLy , Wallarm Research There was a very interesting vulnerability discovered in nginx, one of the most popular web/proxy/load balancing servers. This vulnerability leaks information about the application behind the nginx proxy. For example, a specially formed request can retrieve information...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2011/09/21 8:0 p.m.7 views

httpd: multiple ranges DoS

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service memory and CPU consumption via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different...

7.8CVSS7.3AI score0.98945EPSS
Exploits17References4
Nmap
Nmap
added 2011/08/29 9:42 p.m.1223 views

http-vuln-cve2011-3192 NSE Script

Detects a denial of service vulnerability in the way the Apache web server handles requests for multiple overlapping/simple ranges of a page. References: See also: http-slowloris-check.nse http-slowloris.nse Script Arguments http-vuln-cve2011-3192.path Define the request path...

10CVSS9.3AI score0.99448EPSS
Exploits50
Rows per page
Query Builder