Lucene search
+L

105 matches found

osv
osv
added 2023/01/17 10:1 a.m.8 views

SUSE-SU-2023:0093-1 Security update for python-setuptools

This update for python-setuptools fixes the following issues: - CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document bsc1206667...

5.9CVSS6AI score0.02617EPSS
Exploits1References3
osv
osv
added 2023/01/16 9:31 a.m.6 views

SUSE-SU-2023:0089-1 Security update for python-wheel

This update for python-wheel fixes the following issues: - CVE-2022-40898: Fixed an excessive use of CPU that could be triggered via a crafted regular expression bsc1206670...

7.5CVSS7.4AI score0.02659EPSS
Exploits1References3
osv
osv
added 2023/01/12 8:5 a.m.10 views

SUSE-SU-2023:0078-1 Security update for python-future

This update for python-future fixes the following issues: - CVE-2022-40899: Fixed an issue that could allow attackers to cause an excessive CPU usage via a crafted Set-Cookie header bsc1206673...

7.5CVSS7.3AI score0.01804EPSS
Exploits1References3
openvas
openvas
added 2023/01/12 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2023:0076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01804EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2022/12/22 12:0 a.m.7 views

PT-2022-6568

Name of the Vulnerable Software and Affected Versions Python Charmers Future versions 0.18.2 and earlier Description The issue is related to improper input validation when handling the Set-Cookie header, allowing a remote attacker to send a specially crafted HTTP request and perform a denial of...

8.7CVSS6.6AI score0.01804EPSS
Exploits1References50
nessus
nessus
added 2022/05/31 12:0 a.m.56 views

Nginx Plus R1 < R15-P2 / R16 < R16-P1 Multiple Vulnerabilities

According to it's self reported version, the installed version of Nginx Plus is R1 built on Open Source version 1.5.3-1 prior to R15-P2 or R16 built on Open Source version 1.15.2 prior to R16-P1. It is, therefore, affected by the following issues : - An unspecified error exists related to the...

8.2CVSS6.7AI score0.47057EPSS
Exploits1References7
redhatcve
redhatcve
added 2022/05/20 10:52 p.m.27 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS3.3AI score0.0126EPSS
Exploits1References1
debiancve
debiancve
added 2022/02/28 1:26 p.m.43 views

CVE-2022-24685

Removed by vendor...

7.5CVSS7.5AI score0.01524EPSS
Exploits0
openvas
openvas
added 2022/01/28 12:0 a.m.33 views

Mageia: Security Advisory (MGASA-2018-0459)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.1AI score0.47057EPSS
Exploits1References3
prion
prion
added 2021/12/01 8:15 p.m.22 views

Denial of service

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

5CVSS7.2AI score0.0126EPSS
Exploits1References2Affected Software1
alpinelinux
alpinelinux
added 2021/12/01 8:15 p.m.36 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS3.3AI score0.0126EPSS
Exploits1
ubuntucve
ubuntucve
added 2021/12/01 8:15 p.m.24 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS7.1AI score0.0126EPSS
Exploits1References3
osv
osv
added 2021/09/10 5:54 p.m.28 views

GHSA-5WJF-62HW-Q78R Excessive CPU usage

Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. Impact This can result in a DoS condition. Patches Pomerium versions 0.14.8 and 0.15.1 contain an upgraded...

7.5CVSS7.3AI score0.01662EPSS
Exploits0References5
openvas
openvas
added 2021/06/09 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2012:0772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.9AI score0.05724EPSS
Exploits0References2
mageia
mageia
added 2021/04/12 7:59 p.m.43 views

Updated tor packages fix security vulnerabilities

The dumpdesc function that we used to dump unparseable information to disk, was called incorrectly in several places, in a way that could lead to excessive CPU usage CVE-2021-28089. A bug in appending detached signatures to a pending consensus document could be used to crash a directory authority...

7.5CVSS2AI score0.02096EPSS
Exploits0References2
nessus
nessus
added 2021/03/17 12:0 a.m.30 views

Debian DSA-4871-1 : tor - security update

Two vulnerabilities were discovered in Tor, a connection-based low-latency anonymous communication system, which could lead to excessive CPU usage or cause a directory authority to crash. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

7.5CVSS6.6AI score0.02096EPSS
Exploits0References5
debian
debian
added 2021/03/16 8:30 p.m.100 views

[SECURITY] [DSA 4871-1] tor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4871-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 16, 2021 https://www.debian.org/security/faq -...

7.5CVSS7.2AI score0.02096EPSS
Exploits0
prion
prion
added 2021/02/12 6:15 p.m.26 views

Code injection

On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, and all 12.1.x versions, when the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU...

5CVSS7.5AI score0.00961EPSS
Exploits0References1Affected Software2
cvelist
cvelist
added 2021/02/12 5:43 p.m.44 views

CVE-2021-22976

On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, and all 12.1.x versions, when the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU...

7.7AI score0.00961EPSS
Exploits0References1
nessus
nessus
added 2020/05/15 12:0 a.m.45 views

SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2020:1211-1)

This update for webkit2gtk3 fixes the following issues : Security issue fixed : CVE-2020-3899: Fixed a memory consumption issue that could have led to remote code execution bsc1170643. Non-security issues fixed : Update to version 2.28.2 bsc1170643 : + Fix excessive CPU usage due to GdkFrameClock...

9.3CVSS7.2AI score0.04017EPSS
Exploits0References4
Rows per page
Query Builder