Lucene search
+L

279 matches found

nessus
nessus
added 2023/05/13 12:0 a.m.69 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2023-1869)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a...

7.5CVSS6.9AI score0.04561EPSS
Exploits0References3
ibm
ibm
added 2023/03/29 7:7 p.m.29 views

Security Bulletin: CVE-2022-41723 may affect IBM CICS TX Standard

Summary CVE CVE-2022-41723 may affect IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVE. Relevant Go related packages have been upgraded. Vulnerability Details CVEID:CVE-2022-41723 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the HPACK...

7.5CVSS7.6AI score0.04561EPSS
Exploits0Affected Software1
nessus
nessus
added 2023/03/23 12:0 a.m.80 views

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2023-142)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-142 advisory. http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has no...

7.5CVSS6.8AI score0.04561EPSS
Exploits0References4
nessus
nessus
added 2023/03/23 12:0 a.m.74 views

SUSE SLES15 Security Update : container-suseconnect (SUSE-SU-2023:0871-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0871-1 advisory. This update of container-suseconnect fixes the following issue: - container-suseconnect was rebuilt against the current go1.19...

7.5CVSS6.7AI score0.04561EPSS
Exploits0References17
cnnvd
cnnvd
added 2023/02/28 12:0 a.m.3 views

Google Golang 安全漏洞

Google Golang is a static, strongly typed, compiled language from Google.The syntax of Go is close to C, but with differences in variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages with a...

7.5CVSS6.9AI score0.04561EPSS
Exploits0References35
f5
f5
added 2023/02/21 6:55 p.m.25 views

K58102101: BIG-IP ASM vulnerability CVE-2020-27718

Security Advisory Description When the BIG-IP ASM system processes requests with JSON payload, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2020-27718 Impact When this vulnerability is exploited, the BIG-IP ASM system may take longer than...

7.5CVSS7.4AI score0.01031EPSS
Exploits0Affected Software2
f5
f5
added 2023/02/21 6:55 p.m.30 views

K88230177: BIG-IP ASM WebSocket vulnerability CVE-2021-22976

Security Advisory Description When the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2021-22976 Impact When this vulnerability is exploited, the BIG-IP ASM system may take...

7.5CVSS6.4AI score0.00961EPSS
Exploits0Affected Software2
osv
osv
added 2023/02/16 10:31 p.m.49 views

GO-2023-1571 Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests...

7.5CVSS7.6AI score0.04561EPSS
Exploits0References4
nessus
nessus
added 2023/02/15 12:0 a.m.42 views

FreeBSD : go -- multiple vulnerabilities (3d73e384-ad1f-11ed-983c-83fe35862e3a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3d73e384-ad1f-11ed-983c-83fe35862e3a advisory. - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the...

7.5CVSS6.8AI score0.04561EPSS
Exploits0References6
osv
osv
added 2023/02/14 8:40 a.m.5 views

SUSE-SU-2023:0402-1 Security update for python-setuptools

This update for python-setuptools fixes the following issues: - CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document bsc1206667...

5.9CVSS6AI score0.02617EPSS
Exploits1References3
osv
osv
added 2023/02/07 12:6 a.m.15 views

MGASA-2023-0030 Updated python-future packages fix security vulnerability

Excessive CPU usage via a crafted Set-Cookie header CVE-2022-40899...

7.5CVSS7.3AI score0.01804EPSS
Exploits1References4
openvas
openvas
added 2023/01/31 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2023:0213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.02453EPSS
Exploits1References5
osv
osv
added 2023/01/30 4:27 p.m.9 views

SUSE-SU-2023:0213-1 Security update for python

This update for python fixes the following issues: - CVE-2022-45061: Fixed an excessive CPU usage when decoding crafted IDNA domain names bsc1205244. Non-security fixes: - Fixed the 2038 bug in the compileall module bsc1202666...

7.5CVSS7.6AI score0.02453EPSS
Exploits1References4
osv
osv
added 2023/01/17 10:1 a.m.8 views

SUSE-SU-2023:0093-1 Security update for python-setuptools

This update for python-setuptools fixes the following issues: - CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document bsc1206667...

5.9CVSS6AI score0.02617EPSS
Exploits1References3
osv
osv
added 2023/01/16 9:31 a.m.6 views

SUSE-SU-2023:0089-1 Security update for python-wheel

This update for python-wheel fixes the following issues: - CVE-2022-40898: Fixed an excessive use of CPU that could be triggered via a crafted regular expression bsc1206670...

7.5CVSS7.4AI score0.02659EPSS
Exploits1References3
osv
osv
added 2023/01/12 8:5 a.m.10 views

SUSE-SU-2023:0078-1 Security update for python-future

This update for python-future fixes the following issues: - CVE-2022-40899: Fixed an issue that could allow attackers to cause an excessive CPU usage via a crafted Set-Cookie header bsc1206673...

7.5CVSS7.3AI score0.01804EPSS
Exploits1References3
openvas
openvas
added 2023/01/12 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2023:0076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01804EPSS
Exploits1References4
github
github
added 2022/12/28 12:30 a.m.45 views

yaml package for Go can consume excessive amounts of CPU or memory

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...

7.5CVSS7.6AI score0.017EPSS
Exploits0References12Affected Software1
ptsecurity
ptsecurity
added 2022/12/22 12:0 a.m.7 views

PT-2022-6568

Name of the Vulnerable Software and Affected Versions Python Charmers Future versions 0.18.2 and earlier Description The issue is related to improper input validation when handling the Set-Cookie header, allowing a remote attacker to send a specially crafted HTTP request and perform a denial of...

8.7CVSS6.6AI score0.01804EPSS
Exploits1References50
nessus
nessus
added 2022/05/31 12:0 a.m.56 views

Nginx Plus R1 < R15-P2 / R16 < R16-P1 Multiple Vulnerabilities

According to it's self reported version, the installed version of Nginx Plus is R1 built on Open Source version 1.5.3-1 prior to R15-P2 or R16 built on Open Source version 1.15.2 prior to R16-P1. It is, therefore, affected by the following issues : - An unspecified error exists related to the...

8.2CVSS6.7AI score0.47057EPSS
Exploits1References7
Rows per page
Query Builder