Lucene search
+L

70 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-1999-0728

Malware in sbrugna...

2.1CVSS6.4AI score0.00307EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32779

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00705EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/10 1:31 a.m.6 views

CVE-2025-42954

SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on...

2.7CVSS7AI score0.00384EPSS
Exploits0References1
NVD
NVD
added 2025/07/08 1:15 a.m.12 views

CVE-2025-42954

SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on...

2.7CVSS0.00384EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/08 12:34 a.m.5 views

CVE-2025-42954 Denial of service (DOS) in SAP NetWeaver Business Warehouse (CCAW application)

SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on...

2.7CVSS6.4AI score0.00384EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.5 views

SAP NetWeaver Business Warehouse 安全漏洞

SAP NetWeaver Business Warehouse is a data warehouse solution from SAP, Germany. A security vulnerability exists in SAP NetWeaver Business Warehouse, which originates from a privileged attacker who can execute an RFC function module without input parameters resulting in a high CPU load, which may...

2.7CVSS6.7AI score0.00384EPSS
Exploits0References3
Veracode
Veracode
added 2025/02/25 5:39 a.m.8 views

Hash Collision Attack

tech.kwik, kwik is vulnerable to Hash collision attack. The vulnerability is due to a hash collision in the connection management hash table, allowing remote attackers to cause high CPU load via colliding Source Connection IDs SCIDs...

5.3CVSS6.7AI score0.00535EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2025/02/20 12:0 a.m.9 views

Kwik 安全漏洞

Kwik is a client and server that implements the QUIC protocol RFC 9000 by the individual developer Peter Doornbosch in the Netherlands. A security vulnerability exists in Kwik prior to version 0.10.1, which stems from the inclusion of a hash conflict vulnerability. A remote attacker could exploit...

5.3CVSS6.4AI score0.00535EPSS
Exploits0References2
OSV
OSV
added 2025/02/19 10:45 a.m.11 views

CLSA-2025-1739961948 bind: Fix of CVE-2023-4408

CVE-2023-4408: fix high CPU load in ‘named’ while parsing large DNS messages...

7.5CVSS6.8AI score0.01327EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:17 a.m.9 views

CVE-2024-4227

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...

7.5CVSS7AI score0.00705EPSS
Exploits0References1
OSV
OSV
added 2025/01/15 8:15 a.m.5 views

CVE-2024-4227

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...

7.5CVSS7.2AI score
Exploits0References2
NVD
NVD
added 2025/01/15 8:15 a.m.9 views

CVE-2024-4227

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...

7.5CVSS0.00705EPSS
Exploits0References2
CVE
CVE
added 2025/01/15 8:0 a.m.97 views

CVE-2024-4227

CVE-2024-4227 affects Genivia gSOAP. A specific configuration allows an unauthenticated remote attacker to cause high CPU load by forcing the XML parser to process duplicate ID attributes, leading to a DoS. The vulnerability is tied to the gSOAP XML parsing behavior; impact is denial of service w...

7.5CVSS7.5AI score0.00705EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/15 12:0 a.m.7 views

PT-2025-2635 · Genivia · Gsoap

Name of the Vulnerable Software and Affected Versions: Genivia gSOAP affected versions not specified Description: The issue allows an unauthenticated remote attacker to generate a high CPU load by forcing the system to parse an XML with duplicate ID attributes, potentially leading to a Denial of...

7.8CVSS7.7AI score0.00705EPSS
Exploits0References12
Snyk
Snyk
added 2024/12/02 9:37 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview python-multipart is an A streaming multipart parser for Python Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the multipart/form-data, when line breaks: CR \r or LF \n in front of the first boundary and any tailing bytes...

8.7CVSS6.9AI score0.00644EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/02 3:57 p.m.23 views

CVE-2024-53981 python-multipart has a Denial of service (DoS) via deformation `multipart/form-data` boundary

python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks CR \r or LF \n in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at a time and emits a log event each time, which may cause...

7.5CVSS0.00644EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/10 12:0 a.m.4 views

PT-2024-2753 · Isc +12 · Bind 9 +12

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.0.0 through 9.16.45 BIND 9 versions 9.18.0 through 9.18.21 BIND 9 versions 9.19.0 through 9.19.19 BIND 9 versions 9.9.3-S1 through 9.11.37-S1 BIND 9 versions 9.16.8-S1 through 9.16.45-S1 BIND 9 versions 9.18.11-S1 through...

7.8CVSS6.6AI score0.99995EPSS
Exploits1References199
Prion
Prion
added 2023/05/17 6:15 p.m.989 views

Cross site request forgery (csrf)

react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impa...

5CVSS5.1AI score0.0068EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/17 5:24 p.m.11 views

CVE-2023-26044 ReactPHP's HTTP server continues parsing unused multipart parts after reaching limits

react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impa...

5.3CVSS5.2AI score0.0068EPSS
Exploits0References2
OSV
OSV
added 2022/07/29 2:15 p.m.15 views

CVE-2022-2576

In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification DDoS other peer...

7.5CVSS7.5AI score
Exploits0References1
Rows per page
Query Builder