Lucene search
K

10 matches found

OSV
OSV
added 2026/01/26 9:30 p.m.3 views

GHSA-FRPP-8PWQ-HJRX Hibernate Reactive Vulnerable to DoS via Connection Pool Exhaustion

A flaw was found in Hibernate Reactive. When an HTTP endpoint is exposed to perform database operations, a remote client can prematurely close the HTTP connection. This action may lead to leaking connections from the database connection pool, potentially causing a Denial of Service DoS by...

4.3CVSS5.8AI score0.00376EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/20 7:20 p.m.6 views

CVE-2026-23842

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the getresponse method can exhaust...

7.5CVSS5.4AI score0.00494EPSS
Exploits1References1
CVE
CVE
added 2026/01/19 6:39 p.m.29 views

CVE-2026-23842

Summary of CVE-2026-23842 (ChatterBot): Up to version 1.2.10, ChatterBot is vulnerable to denial-of-service caused by improper database session and SQLAlchemy connection pool management. Concurrent calls to get_response() can exhaust the SQLAlchemy QueuePool, leaving the service unresponsive and ...

7.5CVSS5.4AI score0.00494EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-5751

Malware in sbrugna...

7.5CVSS7.6AI score0.01799EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/28 11:19 a.m.26 views

CVE-2025-3864 Connection pool exhaustion in hackney

Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release...

2.3CVSS0.00727EPSS
Exploits0References3
CVE
CVE
added 2025/05/28 11:19 a.m.51 views

CVE-2025-3864

Hackney contains a vulnerability where it fails to properly release HTTP connections back to the pool after handling 307 Temporary Redirect responses, which can exhaust connection pools and cause denial of service in applications using the library. The issue is tied to CVE-2025-3864. A fix is inc...

2.3CVSS6.7AI score0.00727EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.6 views

SUSE CVE-2007-6059

Javamail does not properly handle a series of invalid login attempts in which the same e-mail address is entered as username and password, and the domain portion of this address yields a Java UnknownHostException error, which allows remote attackers to cause a denial of service connection pool...

5CVSS7AI score0.0176EPSS
Exploits1References3
Prion
Prion
added 2007/11/20 8:46 p.m.25 views

Design/Logic Flaw

Javamail does not properly handle a series of invalid login attempts in which the same e-mail address is entered as username and password, and the domain portion of this address yields a Java UnknownHostException error, which allows remote attackers to cause a denial of service connection pool...

5CVSS7.1AI score0.0176EPSS
Exploits1References2
NVD
NVD
added 2007/11/20 8:46 p.m.20 views

CVE-2007-6059

Javamail does not properly handle a series of invalid login attempts in which the same e-mail address is entered as username and password, and the domain portion of this address yields a Java UnknownHostException error, which allows remote attackers to cause a denial of service connection pool...

5CVSS6.8AI score0.0176EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2007/11/20 12:0 a.m.5 views

PT-2007-6975 · Oracle · Javamail

Name of the Vulnerable Software and Affected Versions: Javamail affected versions not specified Description: The issue arises when Javamail fails to properly handle a series of invalid login attempts where the same e-mail address is used as both the username and password. Specifically, if the...

5CVSS7.3AI score0.0176EPSS
Exploits1References4
Rows per page
Query Builder