Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.14 views

Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2023-44487)

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

7.5CVSS7AI score0.99999EPSS
Exploits19References10
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.17 views

TencentOS Server 3: nodejs:18 (TSSA-2023:0256)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0256 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References5
Cvelist
Cvelist
added 2025/02/07 7:9 a.m.35 views

CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

5.3CVSS0.01327EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/02 10:36 p.m.80 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Liberty Profile affect IBM Robotic Process Automation.

Summary Multiple vulnerabilities in IBM WebSphere Liberty Profile affect IBM Robotic Process Automation. IBM WebSphere Liberty Profile is used by IBM Robotic Process Automation as part of UMS and as an application server for container deployments. This bulletin identifies the security fixes to...

7.5CVSS8.6AI score0.99999EPSS
Exploits20Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.47 views

EulerOS 2.0 SP5 : golang (EulerOS-SA-2024-1140)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or...

8.1CVSS7.6AI score0.99999EPSS
Exploits19References5
Node JS Blog
Node JS Blog
added 2023/10/13 12:0 a.m.68 views

Friday October 13 2023 Security Releases

Friday October 13 2023 Security Releases Update 13-October-2023 Security releases available Updates are now available for the v18.x and v20.x Node.js release lines for the following issues. undici - Cookie headers are not cleared in cross-domain redirect in undici-fetch Low - CVE-2023-45143 Undic...

9.8CVSS7.7AI score0.99999EPSS
Exploits19
OSV
OSV
added 2023/10/10 2:15 p.m.8 views

AZL-34904 CVE-2023-44487 affecting package kubevirt for versions less than 0.59.0-9

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References1
OSV
OSV
added 2023/10/10 2:15 p.m.15 views

AZL-35015 CVE-2023-44487 affecting package multus for versions less than 3.8-12

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References1
OSV
OSV
added 2022/09/06 5:29 p.m.27 views

CVE-2022-27664

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error...

7.5CVSS7.5AI score0.02607EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.39 views

Security Bulletin: Vulnerabilities in Apache Tomcat affect Power Hardware Management Console (CVE-2016-6816, CVE-2016-6817, and CVE-2016-0762)

Summary Apache Tomcat is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6816 DESCRIPTION: Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote...

7.5CVSS0.1AI score0.39633EPSS
Exploits7Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2019:2259-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2019/09/09 8:13 p.m.156 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.8CVSS7.3AI score0.82017EPSS
Exploits0References3
Rows per page
Query Builder