70 matches found
EUVD-1999-0728
Malware in sbrugna...
EUVD-2024-32779
Malicious code in bioql PyPI...
CVE-2025-42954
SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on...
CVE-2025-42954
SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on...
CVE-2025-42954 Denial of service (DOS) in SAP NetWeaver Business Warehouse (CCAW application)
SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on...
SAP NetWeaver Business Warehouse 安全漏洞
SAP NetWeaver Business Warehouse is a data warehouse solution from SAP, Germany. A security vulnerability exists in SAP NetWeaver Business Warehouse, which originates from a privileged attacker who can execute an RFC function module without input parameters resulting in a high CPU load, which may...
Hash Collision Attack
tech.kwik, kwik is vulnerable to Hash collision attack. The vulnerability is due to a hash collision in the connection management hash table, allowing remote attackers to cause high CPU load via colliding Source Connection IDs SCIDs...
Kwik 安全漏洞
Kwik is a client and server that implements the QUIC protocol RFC 9000 by the individual developer Peter Doornbosch in the Netherlands. A security vulnerability exists in Kwik prior to version 0.10.1, which stems from the inclusion of a hash conflict vulnerability. A remote attacker could exploit...
CLSA-2025-1739961948 bind: Fix of CVE-2023-4408
CVE-2023-4408: fix high CPU load in ‘named’ while parsing large DNS messages...
CVE-2024-4227
In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...
CVE-2024-4227
In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...
CVE-2024-4227
In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...
CVE-2024-4227
CVE-2024-4227 affects Genivia gSOAP. A specific configuration allows an unauthenticated remote attacker to cause high CPU load by forcing the XML parser to process duplicate ID attributes, leading to a DoS. The vulnerability is tied to the gSOAP XML parsing behavior; impact is denial of service w...
PT-2025-2635 · Genivia · Gsoap
Name of the Vulnerable Software and Affected Versions: Genivia gSOAP affected versions not specified Description: The issue allows an unauthenticated remote attacker to generate a high CPU load by forcing the system to parse an XML with duplicate ID attributes, potentially leading to a Denial of...
Allocation of Resources Without Limits or Throttling
Overview python-multipart is an A streaming multipart parser for Python Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the multipart/form-data, when line breaks: CR \r or LF \n in front of the first boundary and any tailing bytes...
CVE-2024-53981 python-multipart has a Denial of service (DoS) via deformation `multipart/form-data` boundary
python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks CR \r or LF \n in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at a time and emits a log event each time, which may cause...
PT-2024-2753 · Isc +12 · Bind 9 +12
Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.0.0 through 9.16.45 BIND 9 versions 9.18.0 through 9.18.21 BIND 9 versions 9.19.0 through 9.19.19 BIND 9 versions 9.9.3-S1 through 9.11.37-S1 BIND 9 versions 9.16.8-S1 through 9.16.45-S1 BIND 9 versions 9.18.11-S1 through...
Cross site request forgery (csrf)
react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impa...
CVE-2023-26044 ReactPHP's HTTP server continues parsing unused multipart parts after reaching limits
react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impa...
CVE-2022-2576
In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification DDoS other peer...