Lucene search
K

492 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 3: nghttp2 (TSSA-2024:0318)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0318 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

5.3CVSS7.1AI score0.8496EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2025/06/04 12:0 a.m.9 views

SUSE: Security Advisory (SUSE-SU-2024:4401-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.00576EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 1:9 a.m.3 views

CVE-2022-24667

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. There are a number of implementation errors in the parsing of...

7.5CVSS6.9AI score0.01119EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/05/08 7:28 p.m.5 views

com.atlan:package-toolkit-testing (>=5.3.1 <=6.1.2), com.buschmais.jqassistant.cli:jqassistant-commandline-neo4jv5 (>=2.6.0 <=2.8.0) +751 more potentially affected by CVE-2025-1948 via org.eclipse.jetty.http2:jetty-http2-hpack (>=12.0.0 <=12.0.16)

org.eclipse.jetty.http2:jetty-http2-hpack MAVEN version =12.0.0, =5.3.1, =2.6.0, =1.41.1, =1.1.18, =2.0.20, =3.0.0, =3.0.2, =3.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0-A1, =4.0.0-A1, =4.0.0-A1, =4.1.0, =4.2.1 and more Source cves: CVE-2025-1948 Source advisory: SNYK:JAVA-ORGECLIPSEJETTYHTTP2-10118703...

7.5CVSS7.1AI score0.00625EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-41723

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of...

7.5CVSS6.8AI score0.04561EPSS
Exploits0References4
OSV
OSV
added 2025/02/21 1:37 p.m.4 views

OESA-2025-1170 etcd security update

%expand: Security Fixes: Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function.CVE-2021-28235 Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.CVE-2022-3064 Etcd v3.5.4 allows remote...

9.8CVSS7AI score0.04561EPSS
Exploits0References6
OSV
OSV
added 2025/02/21 1:37 p.m.3 views

OESA-2025-1169 etcd security update

%expand: Security Fixes: Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function.CVE-2021-28235 Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.CVE-2022-3064 Etcd v3.5.4 allows remote...

9.8CVSS7AI score0.04561EPSS
Exploits0References6
OSV
OSV
added 2025/02/21 1:37 p.m.4 views

OESA-2025-1168 etcd security update

%expand: Security Fixes: Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function.CVE-2021-28235 Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.CVE-2022-3064 Etcd v3.5.4 allows remote...

9.8CVSS7AI score0.04561EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2025/02/14 6:25 a.m.4 views

SUSE CVE-2023-32731

When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this...

7.4CVSS7AI score0.00502EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/02/12 12:11 a.m.4 views

grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend

A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent...

6.3CVSS5.7AI score0.00224EPSS
Exploits1References5
OSV
OSV
added 2025/02/09 12:19 a.m.18 views

MGASA-2025-0046 Updated qtbase5 & qtbase6 packages fix security vulnerabilities

network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. CVE-2023-51714 A buffer overflow and application crash can occur via a crafted KTX image file. CVE-2024-25580 Code to make security-relevant decisions about an established connection may execute too early, because...

9.8CVSS7.3AI score0.00986EPSS
Exploits0References4
Mageia
Mageia
added 2025/02/09 12:19 a.m.29 views

Updated qtbase5 & qtbase6 packages fix security vulnerabilities

network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. CVE-2023-51714 A buffer overflow and application crash can occur via a crafted KTX image file. CVE-2024-25580 Code to make security-relevant decisions about an established connection may execute too early, because...

9.8CVSS7.9AI score0.00986EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2024/12/30 1:23 p.m.2 views

Security update for grpc

This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...

6.9CVSS6.8AI score0.00576EPSS
Exploits1References8
OSV
OSV
added 2024/12/30 1:23 p.m.15 views

SUSE-SU-2024:4436-1 Security update for grpc

This update for grpc fixes the following issues: - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821...

7.5CVSS7.1AI score0.00576EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2024/12/28 12:0 a.m.16 views

openSUSE: Security Advisory for python (SUSE-SU-2024:4428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.00576EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/12/28 12:0 a.m.15 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-grpcio (SUSE-SU-2024:4429-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4429-1 advisory. - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 -...

7.5CVSS6.7AI score0.00576EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/12/28 12:0 a.m.13 views

SUSE SLES15 Security Update : python-grpcio (SUSE-SU-2024:4428-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4428-1 advisory. - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table poisoning by...

7.5CVSS6.7AI score0.00576EPSS
Exploits1References7
SUSE Linux
SUSE Linux
added 2024/12/27 10:16 a.m.5 views

Security update for python-grpcio

This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...

6.9CVSS6.8AI score0.00576EPSS
Exploits1References8
OSV
OSV
added 2024/12/27 10:16 a.m.7 views

SUSE-SU-2024:4429-1 Security update for python-grpcio

This update for python-grpcio fixes the following issues: - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919...

7.5CVSS8.1AI score0.00576EPSS
Exploits1References5
OSV
OSV
added 2024/12/27 10:16 a.m.7 views

SUSE-SU-2024:4428-1 Security update for python-grpcio

This update for python-grpcio fixes the following issues: - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919...

7.5CVSS8.1AI score0.00576EPSS
Exploits1References5
Rows per page
Query Builder