Lucene search
K

440 matches found

OSV
OSV
added 2020/10/08 5:15 a.m.5 views

CVE-2020-3567

A vulnerability in the management REST API of Cisco Industrial Network Director IND could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service DoS condition on an affected device. The vulnerability is due to insufficient...

6.5CVSS6.6AI score0.01154EPSS
Exploits0References1
OSV
OSV
added 2020/10/06 7:15 p.m.3 views

UBUNTU-CVE-2020-13333

A potential DOS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks for certain user supplied values resulting in high CPU usage...

4.3CVSS5.8AI score0.02112EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/09/03 12:0 a.m.9 views

PT-2020-3857 · Cisco · Cisco Email Security Appliance

Name of the Vulnerable Software and Affected Versions: Cisco Email Security Appliance ESA versions affected versions not specified Description: A vulnerability in the Transport Layer Security TLS protocol implementation could allow an unauthenticated, remote attacker to cause high CPU usage on an...

7.5CVSS7.3AI score0.00809EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/07/31 12:0 a.m.39 views

Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2020-1829)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.87553EPSS
Exploits17References2
Tenable Nessus
Tenable Nessus
added 2020/07/30 12:0 a.m.67 views

EulerOS 2.0 SP8 : tomcat (EulerOS-SA-2020-1829)

According to the versions of the tomcat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56...

7.5CVSS7.3AI score0.87553EPSS
Exploits17References5
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.6 views

HTTP/2: flood using empty frames results in excessive resource consumption

A flaw was found in HTTP/2. Using frames with an empty payload, a flood could occur that results in excessive CPU usage and starvation of other clients. The highest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.25448EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.36 views

openSUSE Security Update : tomcat (openSUSE-2020-1063)

This update for tomcat fixes the following issues: Tomcat was updated to 9.0.36 See changelog at - CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU usage for several seconds making potentially the server unresponsive...

7.5CVSS7.9AI score0.26699EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.54 views

FreeBSD : Apache Tomcat -- Multiple Vulnerabilities (6a72eff7-ccd6-11ea-9172-4c72b94353b5)

The Apache Software Foundation reports : An h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service. The payload length in a WebSocket frame was...

7.5CVSS6.8AI score0.87553EPSS
Exploits1References8
OSV
OSV
added 2020/07/21 6:31 a.m.9 views

SUSE-SU-2020:1983-1 Security update for tomcat

This update for tomcat fixes the following issues: Tomcat was updated to 9.0.36 See changelog at - CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU usage for several seconds making potentially the server unresponsive...

7.5CVSS7.4AI score0.26699EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/07/21 12:0 a.m.8 views

openSUSE: Security Advisory for mumble (openSUSE-SU-2020:1016-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/21 12:0 a.m.22 views

openSUSE Security Update : mumble (openSUSE-2020-1016)

This update for mumble fixes the following issues : mumble was updated 1.3.2 : - client: Fixed overlay not starting Update to upstream version 1.3.1 - Security - Fixed: Potential exploit in the OCB2 encryption 4227 boo1174041 - ICE - Fixed: Added missing UserKDFIterations field to UserInfo =...

5.7AI score
Exploits0References1
OSV
OSV
added 2020/07/20 3:30 p.m.8 views

SUSE-SU-2020:1963-1 Security update for tomcat

This update for tomcat fixes the following issues: Tomcat was updated to 9.0.36 See changelog at - CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU usage for several seconds making potentially the server unresponsive...

7.5CVSS7.4AI score0.26699EPSS
Exploits0References3
OSV
OSV
added 2020/07/20 3:30 p.m.6 views

SUSE-SU-2020:1962-1 Security update for tomcat

This update for tomcat fixes the following issues: Tomcat was updated to 9.0.36 See changelog at - CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU usage for several seconds making potentially the server unresponsive...

7.5CVSS7.4AI score0.26699EPSS
Exploits0References3
OSV
OSV
added 2020/07/03 8:40 p.m.7 views

SUSE-SU-2020:1841-1 Security update for tomcat

This update for tomcat fixes the following issues: Tomcat was updated to 9.0.36 See changelog at - CVE-2020-11996: Fixed an issue which by sending a specially crafted sequence of HTTP/2 requests could have triggered high CPU usage for several seconds making potentially the server unresponsive...

7.5CVSS7.4AI score0.26699EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/07/03 12:0 a.m.229 views

Apache Tomcat 9.0.0.M1 < 9.0.36

The version of Tomcat installed on the remote host is prior to 9.0.36. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.36security-9 advisory. - A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.3...

7.5CVSS8AI score0.26699EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/06/26 4:27 p.m.34 views

CVE-2020-11996

A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become...

7.5CVSS8.8AI score0.26699EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/06/26 1:50 p.m.45 views

CVE-2020-11996

A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become...

5CVSS1.4AI score0.26699EPSS
Exploits0References7
Apache Tomcat
Apache Tomcat
added 2020/06/07 12:0 a.m.66 views

Fixed in Apache Tomcat 8.5.56

Important: HTTP/2 DoS CVE-2020-11996 A specially crafted sequence of HTTP/2 requests could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. This was fixed with commit c8acd2ab. Thi...

7.5CVSS7.5AI score0.26699EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2020/05/21 12:0 a.m.3 views

libexif Resource Management Error Vulnerability

libexif is a library of functions written in the C language. It is mainly used to read and write EXIF meta-information from graphics files. A security vulnerability exists in versions prior to libexif 0.6.22, which stems from the program failing to limit the size value when processing Canon EXIF...

7.5CVSS9AI score0.02301EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2020/04/09 12:0 a.m.8 views

WDS has a high CPU usage when many client computers try to start in Windows Server 2012 R2

WDS has a high CPU usage when many client computers try to start in Windows Server 2012 R2 This article describes an issue that occurs in Windows Server 2012 R2 that has Windows Deployment Services WDS installed. You can fix this issue by using the update in this article. Before you install this...

5.8AI score
Exploits0
Rows per page
Query Builder