Lucene search
+L

443 matches found

Apache Tomcat
Apache Tomcat
added 2020/06/07 12:0 a.m.67 views

Fixed in Apache Tomcat 8.5.56

Important: HTTP/2 DoS CVE-2020-11996 A specially crafted sequence of HTTP/2 requests could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. This was fixed with commit c8acd2ab. Thi...

7.5CVSS7.5AI score0.26699EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2020/05/21 12:0 a.m.3 views

libexif Resource Management Error Vulnerability

libexif is a library of functions written in the C language. It is mainly used to read and write EXIF meta-information from graphics files. A security vulnerability exists in versions prior to libexif 0.6.22, which stems from the program failing to limit the size value when processing Canon EXIF...

7.5CVSS9AI score0.02301EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2020/04/09 12:0 a.m.8 views

WDS has a high CPU usage when many client computers try to start in Windows Server 2012 R2

WDS has a high CPU usage when many client computers try to start in Windows Server 2012 R2 This article describes an issue that occurs in Windows Server 2012 R2 that has Windows Deployment Services WDS installed. You can fix this issue by using the update in this article. Before you install this...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2020/03/05 12:53 p.m.3 views

HTTP/2: flood using empty frames results in excessive resource consumption

A flaw was found in HTTP/2. Using frames with an empty payload, a flood could occur that results in excessive CPU usage and starvation of other clients. The highest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.25448EPSS
Exploits0References6
NVD
NVD
added 2020/03/04 7:15 p.m.19 views

CVE-2020-3164

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance ESA, Cisco Web Security Appliance WSA, and Cisco Content Security Management Appliance SMA could allow an unauthenticated remote attacker to cause high CPU usage on an affected device,...

5.3CVSS5.4AI score0.01281EPSS
Exploits0References1
Prion
Prion
added 2020/03/04 7:15 p.m.19 views

Input validation

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance ESA, Cisco Web Security Appliance WSA, and Cisco Content Security Management Appliance SMA could allow an unauthenticated remote attacker to cause high CPU usage on an affected device,...

5CVSS5.5AI score0.01281EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2020/03/04 6:40 p.m.21 views

CVE-2020-3164 Cisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance ESA, Cisco Web Security Appliance WSA, and Cisco Content Security Management Appliance SMA could allow an unauthenticated remote attacker to cause high CPU usage on an affected device,...

5.3CVSS5.4AI score0.01281EPSS
Exploits0References1
Veracode
Veracode
added 2020/02/18 8:34 a.m.32 views

Denial Of Service

libexiv2.so is vulnerable to denial of service DoS. The attack exists when an attacker provide a malicious input to Jp2Image::readMetadata in jp2image.cpp, causing an infinite loop and high CPU usage...

7.5CVSS2.9AI score0.04296EPSS
Exploits1References6Affected Software2
OSV
OSV
added 2020/01/27 5:15 a.m.1 views

DEBIAN-CVE-2019-20421

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

7.5CVSS6.8AI score0.04296EPSS
Exploits1References1
PyPA
PyPA
added 2020/01/27 5:15 a.m.6 views

PYSEC-2020-344

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

7.8CVSS6.6AI score0.04296EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2020/01/15 8:40 a.m.28 views

CVE-2020-1600 Junos OS: A specific SNMP command can trigger a high CPU usage Denial of Service in the RPD daemon.

In a Point-to-Multipoint P2MP Label Switched Path LSP scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon RPD in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service DoS condition...

6.5CVSS6.9AI score0.01196EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/12/19 5:37 p.m.4 views

HTTP/2: flood using empty frames results in excessive resource consumption

A flaw was found in HTTP/2. Using frames with an empty payload, a flood could occur that results in excessive CPU usage and starvation of other clients. The highest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.25448EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/12/16 12:0 a.m.12 views

PT-2019-15812 · Cz.Nic +2 · Knot Resolver +2

Name of the Vulnerable Software and Affected Versions: knot-resolver versions prior to 4.3.0 Description: The issue allows for denial of service through high CPU utilization. This occurs when DNS replies contain a large number of resource records, which can be processed inefficiently. In extreme...

7.5CVSS6.8AI score0.02619EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2019/12/13 12:0 a.m.36 views

Cisco cBR Series Converged Broadband Routers High CPU Usage DoS (cisco-sa-20180418-cbr8)

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability on Cisco cBR Series Converged Broadband Routers due to incorrect handling of certain DHCP packets. An unauthenticated, adjacent, attacker can exploit this, by sending certain DHCP...

4.3CVSS5.2AI score0.00804EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2019/11/14 9:17 p.m.5 views

HTTP/2: flood using empty frames results in excessive resource consumption

A flaw was found in HTTP/2. Using frames with an empty payload, a flood could occur that results in excessive CPU usage and starvation of other clients. The highest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.25448EPSS
Exploits0References6
NVD
NVD
added 2019/08/08 8:15 a.m.16 views

CVE-2019-1957

A vulnerability in the web interface of Cisco IoT Field Network Director could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS...

7.8CVSS6.1AI score0.01967EPSS
Exploits0References1
OSV
OSV
added 2019/08/08 8:15 a.m.4 views

CVE-2019-1957

A vulnerability in the web interface of Cisco IoT Field Network Director could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS...

7.5CVSS6.4AI score0.01967EPSS
Exploits0References1
Prion
Prion
added 2019/08/08 8:15 a.m.14 views

Design/Logic Flaw

A vulnerability in the web interface of Cisco IoT Field Network Director could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security TLS...

7.8CVSS7.5AI score0.01967EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2019/07/16 1:48 p.m.8 views

389-ds-base: Insufficient fix for CVE-2018-14648 denial of service in RHEL-7.5

It was found that the fix for CVE-2018-14648 was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service...

7.8CVSS5.7AI score0.0629EPSS
Exploits0References4
NVD
NVD
added 2019/04/17 10:29 p.m.19 views

CVE-2019-1718

A vulnerability in the web interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service DoS condition. The vulnerability is due to improper handling of Secure Sockets Layer SSL renegotiation requests. A...

7.8CVSS6.3AI score0.02516EPSS
Exploits0References2
Rows per page
Query Builder