Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-5587

Malware in sbrugna...

7.8CVSS6.4AI score0.02393EPSS
Exploits0References8
F5 Networks
F5 Networks
added 2025/08/21 7:3 p.m.8 views

K000153119: libtirpc vulnerability CVE-2021-46828

Security Advisory Description In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections. CVE-2021-46828 Impact...

7.5CVSS8AI score0.02088EPSS
Exploits0
Amazon
Amazon
added 2025/03/06 12:0 a.m.4 views

Important: libtirpc

Issue Overview: In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections. CVE-2021-46828 Affected Packages:...

7.5CVSS6.8AI score0.02088EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/06/05 2:47 p.m.6 views

jetty: stop accepting new connections from valid clients

A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file...

7.5CVSS7AI score0.01433EPSS
Exploits0References6
Snyk
Snyk
added 2024/03/15 7:20 p.m.5 views

Uncontrolled Resource Consumption ('Resource Exhaustion')

Overview Affected versions of this package are vulnerable to Uncontrolled Resource Consumption 'Resource Exhaustion' due to the handling of connections in NetFraming based services. An attacker can consume extra system resources by establishing connections that are not properly closed or aborted...

7.5CVSS6.9AI score0.00579EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.9 views

PT-2024-22368 · Corewcf · Corewcf

Name of the Vulnerable Software and Affected Versions: CoreWCF versions prior to 1.4.2 CoreWCF versions prior to 1.5.2 Description: The issue affects NetFraming based CoreWCF services, where extra system resources could be consumed by connections being left established instead of closing or...

7.5CVSS7.1AI score0.00579EPSS
Exploits0References9
OSV
OSV
added 2024/03/06 10:55 a.m.23 views

BIT-ENVOY-2022-23606 Crash when a cluster is deleted in Envoy

Envoy is an open source edge and service proxy, designed for cloud-native applications. When a cluster is deleted via Cluster Discovery Service CDS all idle connections established to endpoints in that cluster are disconnected. A recursion was introduced in the procedure of disconnecting idle...

6.5CVSS5.4AI score0.01EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.1 views

SUSE CVE-2021-46828

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections...

7.5CVSS9.5AI score0.02088EPSS
Exploits0References87
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.2 views

SUSE CVE-2022-23606

Envoy is an open source edge and service proxy, designed for cloud-native applications. When a cluster is deleted via Cluster Discovery Service CDS all idle connections established to endpoints in that cluster are disconnected. A recursion was introduced in the procedure of disconnecting idle...

6.5CVSS6.7AI score0.01EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/11/15 9:57 a.m.4 views

libtirpc: DoS vulnerability with lots of connections

A denial of service DoS vulnerability was found in libtirpc. This flaw allows a remote attacker to exhaust the file descriptors of a process that uses libtirpc due to mishandling idle TCP connections. This issue leads to a svcrun infinite loop without accepting new connections...

7.5CVSS7.1AI score0.02088EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2022/08/02 7:0 a.m.4 views

In libtirpc before 1.3.3rc1 remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can in turn lead to an svc_run infinite loop without accepting new connections.

...

7.5CVSS7.8AI score0.02088EPSS
Exploits0
OSV
OSV
added 2022/07/30 11:4 a.m.4 views

OESA-2022-1795 libtirpc security update

Libtirpc is a Transport-Independent RPC library for Linux Security Fixes: In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without...

7.5CVSS7AI score0.02088EPSS
Exploits0References2
OSV
OSV
added 2022/07/20 6:15 a.m.2 views

DEBIAN-CVE-2021-46828

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections...

7.5CVSS7.6AI score0.02088EPSS
Exploits0References1
OSV
OSV
added 2022/07/20 6:15 a.m.1 views

ALPINE-CVE-2021-46828

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections...

7.5CVSS6.9AI score0.02088EPSS
Exploits0References1
OSV
OSV
added 2022/07/20 6:15 a.m.3 views

UBUNTU-CVE-2021-46828

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections...

7.5CVSS7.1AI score0.02088EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/20 12:0 a.m.2 views

LIBTIRPC 安全漏洞

LIBTIRPC is a package used on Linux systems that contains libraries supporting programs that use the Remote Procedure Call RPC API. A security vulnerability exists in versions of LIBTIRPC prior to 1.3.3rc1, which stems from the fact that a remote attacker can exhaust the file descriptors of a fil...

7.5CVSS7.6AI score0.02088EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2022/07/20 12:0 a.m.3 views

PT-2022-7313 · Libtirpc +9 · Libtirpc +9

Name of the Vulnerable Software and Affected Versions: libtirpc versions prior to 1.3.3rc1 Description: The issue is related to the mishandling of idle TCP connections, which can lead to the exhaustion of file descriptors of a process that uses libtirpc. This can cause an svc run infinite loop...

7.8CVSS9.3AI score0.02088EPSS
Exploits0References64
RedHat Linux
RedHat Linux
added 2022/05/10 2:44 p.m.6 views

libtirpc: DoS vulnerability with lots of connections

A denial of service DoS vulnerability was found in libtirpc. This flaw allows a remote attacker to exhaust the file descriptors of a process that uses libtirpc due to mishandling idle TCP connections. This issue leads to a svcrun infinite loop without accepting new connections...

7.5CVSS7.1AI score0.02088EPSS
Exploits0References4
Prion
Prion
added 2022/02/22 11:15 p.m.24 views

Design/Logic Flaw

Envoy is an open source edge and service proxy, designed for cloud-native applications. When a cluster is deleted via Cluster Discovery Service CDS all idle connections established to endpoints in that cluster are disconnected. A recursion was introduced in the procedure of disconnecting idle...

4CVSS7AI score0.01EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/02/22 12:0 a.m.5 views

PT-2022-16121 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy affected versions not specified Description: Envoy is an open source edge and service proxy, designed for cloud-native applications. When a cluster is deleted via Cluster Discovery Service CDS, all idle connections established to...

6.5CVSS6.7AI score0.01EPSS
Exploits0References9
Rows per page
Query Builder