Lucene search
+L

17 matches found

Tenable Nessus
Tenable Nessus
added 3 days ago9 views

Linux Distros Unpatched Vulnerability : CVE-2026-15711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 5.5, which...

7.5CVSS6.1AI score0.00431EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago35 views

CVE-2026-15711 Libsoup: soupwebsocketconnection: libsoup: websocket remote denial of service via oversized control frame protocol violation

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 §5.5, which mandates that all WebSocket control frames e.g., PING, PONG, CLOSE contain a payload of 125 bytes or less. A remote, unauthenticated attacker...

7.5CVSS0.00431EPSS
Exploits0References3
CVE
CVE
added 4 days ago8 views

CVE-2026-15711

The CVE describes a vulnerability in libsoup’s WebSocket frame parsing. The flaw stems from failing to validate length rules for WebSocket control frames as specified in RFC 6455 §5.5, allowing an oversized control frame to be sent by a remote, unauthenticated attacker. The parser does not termin...

7.5CVSS6.1AI score0.00431EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 4 days ago7 views

CVE-2026-15711

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 §5.5, which mandates that all WebSocket control frames e.g., PING, PONG, CLOSE contain a payload of 125 bytes or less. A remote, unauthenticated attacker...

7.5CVSS6AI score0.00431EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-58723

Name of the Vulnerable Software and Affected Versions libsoup affected versions not specified Description An issue exists in the WebSocket frame parsing implementation where the library fails to validate length rules defined in RFC 6455 §5.5. This standard requires that all WebSocket control...

7.5CVSS5.4AI score0.00431EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/09/23 9:44 a.m.4 views

jetty: HTTP/2 (including DNS over HTTPS) contains a design flaw and is vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames

A flaw was found in Jetty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

7.7CVSS7AI score0.01567EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/09/23 12:0 a.m.3 views

RHEL 9 : Red Hat Product OCP Tools 4.17 OpenShift Jenkins (RHSA-2025:16456)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16456 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron...

7.7CVSS7.1AI score0.01567EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/08/21 11:21 p.m.5 views

SUSE CVE-2025-54500

An HTTP/2 implementation flaw allows a denial-of-service DoS that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit HTTP/2 MadeYouReset Attack. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.9CVSS6.8AI score0.00475EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2025/08/20 12:0 a.m.17 views

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125 apache-commons-fileupload: Apache...

7.5CVSS7.4AI score0.64718EPSS
Exploits1References16
NVD
NVD
added 2025/08/13 3:15 p.m.9 views

CVE-2025-54500

An HTTP/2 implementation flaw allows a denial-of-service DoS that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit HTTP/2 MadeYouReset Attack. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.9CVSS0.00475EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/13 2:46 p.m.3 views

CVE-2025-54500 HTTP/2 Vulnerability

An HTTP/2 implementation flaw allows a denial-of-service DoS that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit HTTP/2 MadeYouReset Attack. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.9CVSS7AI score0.00475EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.12 views

PT-2025-33005

Name of the Vulnerable Software and Affected Versions: Affected versions not specified Description: An implementation flaw in HTTP/2 can lead to a denial-of-service DoS condition. This occurs through the use of malformed HTTP/2 control frames, which disrupt the maximum concurrent streams limit,...

7.5CVSS5.7AI score0.00475EPSS
Exploits0References9
Kitploit
Kitploit
added 2023/07/10 12:30 p.m.178 views

WPAxFuzz - A Full-Featured Open-Source Wi-Fi Fuzzer

This tool is capable of fuzzing either any management, control or data frame of the 802.11 protocol or the SAE exchange. For the management, control or data frames, you can choose either the "standard" mode where all of the frames transmitted have valid size values or the "random" mode where the...

7.5CVSS6.9AI score0.02334EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:9 a.m.4 views

SUSE CVE-2015-1142857

On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before...

4.8CVSS8.1AI score0.02429EPSS
Exploits0References13
BDU FSTEC
BDU FSTEC
added 2015/07/09 12:0 a.m.6 views

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the Cisco IOS operating system is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending IEEE 802.3x control frames remotely...

5.7CVSS5.4AI score0.00874EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2009/06/12 12:0 a.m.41 views

Asterisk IAX2 - Attacked IAX Fuzzer Resource Exhaustion (Denial of Service)

!/usr/bin/perl -w udp IAX protocol fuzzer Created: Blake Cornell Exploits found with this code can be found at http://www.securityscraper.com/ Released under the VoIPER project Do not hesitate to show enthusiasm and support and help develop this further. use strict; use IO::Socket; use...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/01/20 12:0 a.m.56 views

FreeBSD IEEE 802.11 wireless network buffer overflow

Buffer overflow on parsing IEEE 802.11 control frames...

4.8AI score
Exploits0References2Affected Software1
Rows per page
Query Builder