Lucene search
+L

24 matches found

OSV
OSV
added 2021/03/08 5:15 a.m.6 views

DEBIAN-CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

4.9CVSS5.3AI score0.01871EPSS
Exploits0References1
Veracode
Veracode
added 2020/12/10 4:18 p.m.32 views

Integer Overflow

PCRE is vulnerable to integer overflow. The vulnerability exist because the number larger then the limit of the C substring is not sanitized...

5.3CVSS3.1AI score0.04182EPSS
Exploits0References15Affected Software14
Hacker One
Hacker One
added 2019/08/09 1:54 p.m.43 views

GitLab: Uncontrolled Resource Consumption in any Markdown field using Mermaid

Summary I found a bypass for the mitigation of DoS via Mermaid CVE-2019-9220. As the mitigation for CVE-2019-9220, the input limit of 5000 characters is currently applied to a Mermaid code block, but it can be bypassed by simply splitting the longer payload to many code blocks. Steps to reproduce...

5CVSS6.9AI score0.02776EPSS
Exploits2
NVD
NVD
added 2015/12/17 7:59 p.m.19 views

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

7.2CVSS9.2AI score0.00419EPSS
Exploits0References4
Rows per page
Query Builder