6 matches found
A vulnerability in the Firefox browser, related to improper limitation of the number of user interface layers or frames displayed, allows attackers to perform spoofing attacks.
A vulnerability in Firefox browsers is related to improper limitation of the number of user interface layers or frames that can be displayed. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
CVE-2024-31309
An HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Versions from 8.0.0 through 8.1.9 and from 9.0.0 through 9.2.3 are affected. Users can set a new setting, proxy.config.http2.max_continuation_frames_per_minute, to limit the number of CONTINUATION frames...
AZL-39984 CVE-2023-45288 affecting package moby-cli for versions less than 24.0.9-3
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...
Medium: amazon-ecr-credential-helper
Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...
A vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in incorrect restrictions on the number of user interface layers or frames that can be displayed. This allows attackers to execute arbitrary code.
A vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an incorrect limitation on the number of user interface layers or frames that can be displayed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack
A client might overload the server by issuing frequent RST frames. This can cause a massive amount of load on the remote system and so cause a DDOS attack. Impact: This is a DDOS attack; any http2 server is affected, so you should update as soon as possible. Patches: This is patched in version...