97 matches found
CVE-2026-49232
CVE-2026-49232—Routinator exits on any error when accepting incoming HTTP or RTR connections, including recoverable ones like running out of file descriptors. An attacker could trigger this by opening a large number of connections to the HTTP/RTR server, affecting availability for untrusted netwo...
CVE-2022-26834
Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default...
CVE-2025-63561
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a Slowloris-style Denial-of-Service DoS condition in the HTTP connection handling layer, where an attacker that opens and maintains many slow or partially-completed HTTP connections can exhaust the server’s...
CVE-2025-63561
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a Slowloris-style Denial-of-Service DoS condition in the HTTP connection handling layer, where an attacker that opens and maintains many slow or partially-completed HTTP connections can exhaust the server’s...
EUVD-2004-1721
Malware in sbrugna...
EUVD-2017-11998
Malware in sbrugna...
EUVD-2017-11996
Malware in sbrugna...
EUVD-2022-31384
Malicious code in bioql PyPI...
EUVD-2023-35509
Malicious code in bioql PyPI...
EUVD-2025-16328
Malicious code in bioql PyPI...
EUVD-2023-12417
Malicious code in bioql PyPI...
CVE-2025-54799
Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...
Hackney fails to properly release HTTP connections to the pool
Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release...
GHSA-9FM9-HP7P-53MF Hackney fails to properly release HTTP connections to the pool
Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release...
CVE-2025-3864
Hackney contains a vulnerability where it fails to properly release HTTP connections back to the pool after handling 307 Temporary Redirect responses, which can exhaust connection pools and cause denial of service in applications using the library. The issue is tied to CVE-2025-3864. A fix is inc...
CVE-2025-3864 Connection pool exhaustion in hackney
Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release...
CVE-2025-3864 Connection pool exhaustion in hackney
Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release...
PT-2025-23077
Name of the Vulnerable Software and Affected Versions Hackney versions prior to 1.24.0 Description The issue arises from Hackney's failure to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. This allows remote attackers to exhaust connection pools,...
CVE-2023-31193
Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from their servers. Because they do not use HTTPS, OvrC Pro devices are susceptible to exploitation...
CVE-2022-22282
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability...