Lucene search
K

323 matches found

Redos
Redos
added 2024/08/05 12:0 a.m.36 views

ROS-20240805-01

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS7.8AI score0.99999EPSS
Exploits19
Cvelist
Cvelist
added 2024/07/28 12:0 a.m.41 views

CVE-2024-42049

TightVNC Server for Windows before 2.8.84 allows attackers to connect to the control pipe via a network connection...

0.02147EPSS
Exploits3References2
Citrix
Citrix
added 2024/07/13 12:0 a.m.8 views

Acceleration Does Not Work After Cisco ASA 8.x is Configured to Allow TCP Options

Installed Citrix CloudBridge as INLINE in two sites, which are connected through an IPSec VPN using Cisco ASA firewall. The TCP option policy, as suggested in CTX112401 – Acceleration Does Not Take Place for Configured Traffic Types, is applied to ASA, but acceleration still does not work. The...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2024/05/17 8:28 p.m.39 views

CVE-2023-52424

The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive th...

6.4AI score0.00716EPSS
Exploits0References4
Redos
Redos
added 2024/05/03 12:0 a.m.46 views

ROS-20240503-02

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS8.1AI score0.99999EPSS
Exploits19
NVD
NVD
added 2024/04/29 4:15 p.m.17 views

CVE-2024-32268

An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component...

3.3CVSS6.5AI score0.00205EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/29 12:0 a.m.21 views

CVE-2024-32268

An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component...

6.8AI score0.00205EPSS
Exploits0References1
CVE
CVE
added 2024/04/29 12:0 a.m.67 views

CVE-2024-32268

CVE-2024-32268 describes a vulnerability in Tuya Smart camera U6N v3.2.5 where a remote attacker can cause a denial of service by sending a crafted packet to the network connection component. Affected product: Tuya Smart camera U6N (version 3.2.5). Current documents do not provide concrete exploi...

3.3CVSS6.8AI score0.00205EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.6 views

PT-2024-24476 · Tuya · Tuya Smart Camera U6N

Name of the Vulnerable Software and Affected Versions: Tuya Smart camera U6N version 3.2.5 Description: An issue in the Tuya Smart camera U6N allows a remote attacker to cause a denial of service via a crafted packet to the network connection component. Recommendations: For Tuya Smart camera U6N...

3.3CVSS7.2AI score0.00205EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/04/29 12:0 a.m.24 views

CVE-2024-32268

An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component...

6.7AI score0.00205EPSS
Exploits0References1
Redos
Redos
added 2024/04/23 12:0 a.m.51 views

ROS-20240423-01

Apache HTTP Server vulnerability is related to blocking HTTP/2 connection processing if it was opened with 0 initial sliding window size. was opened with the initial sliding window size set to 0. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of servic...

7.5CVSS8.8AI score0.99999EPSS
Exploits19
CNVD
CNVD
added 2024/04/18 12:0 a.m.22 views

Tenda W30E formSetCfm Function Stack Buffer Overflow Vulnerability

The Tenda W30E is a wireless router developed by Tenda to provide a stable network connection for homes and small offices. A stack buffer overflow vulnerability exists in the formSetCfm function of the /goform/setcfm file in Tenda W30E version 1.0.1.25633. An attacker can exploit this vulnerabili...

9CVSS7.4AI score0.01451EPSS
Exploits0References1
OSV
OSV
added 2024/04/16 12:15 a.m.27 views

CVE-2024-3572

The scrapy/scrapy project is vulnerable to XML External Entity XXE attacks due to the use of lxml.etree.fromstring for parsing untrusted XML data without proper validation. This vulnerability allows attackers to perform denial of service attacks, access local files, generate network connections, ...

7.5CVSS6.7AI score
Exploits0References2
Microsoft KB
Microsoft KB
added 2024/04/09 7:0 a.m.113 views

April 9, 2024—KB5036910 (OS Build 25398.830)

April 9, 2024—KB5036910 OS Build 25398.830 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

8.8CVSS7.9AI score0.87784EPSS
Exploits6
Redos
Redos
added 2024/04/02 12:0 a.m.50 views

ROS-20240402-08

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS8.9AI score0.99999EPSS
Exploits19
Redos
Redos
added 2024/04/02 12:0 a.m.48 views

ROS-20240402-07

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS8.9AI score0.99999EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.31 views

CentOS 9 : podman-4.1.1-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the podman-4.1.1-3.el9 build changelog. - net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via...

7.5CVSS7.1AI score0.03958EPSS
Exploits0References3
OSV
OSV
added 2024/02/22 5:15 p.m.1 views

DEBIAN-CVE-2024-26592

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbdtcpnewconnection The race is between the handling of a new TCP connection and its disconnection. It leads to UAF on struct tcptransport in ksmbdtcpnewconnection function...

7.8CVSS5.8AI score0.00828EPSS
Exploits0References1
Citrix
Citrix
added 2023/11/28 12:0 a.m.6 views

iOS Receiver disconnects from session after one minute of activity

Citrix users using Receiver for iOS are disconnected from their Citrix session after working on the session by typing or clicking for around20-30 seconds. The users get the following error: "Cannot Connect. Check your network connection and try again. OK." If the users are not working on the...

6.8AI score
Exploits0
Citrix
Citrix
added 2023/09/01 12:0 a.m.7 views

HTML5 external users are not able to launch applications via Netscaler Gateway, Workspace works.

Users connecting externally are not able to launch connections with the Light HTML5 browser access but are able to launch with the Workspace App. Error displayed: "Citrix Workspace app cannot connect to the server. Please check your network connection or contact your help desk for assistance."...

7.1AI score
Exploits0
Rows per page
Query Builder