HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

Netapp Clustered Data ONTAP 安全漏洞

NetApp Clustered Data ONTAP is NetApp's proprietary operating system for storage disk arrays. An information disclosure vulnerability exists in NetApp Clustered Data ONTAP versions prior to 9.3P20. An attacker can exploit this vulnerability via the AutoSupport bundle to discover node names even i...