1332 matches found
CVE-2025-29908
CVE-2025-29908 affects the Netty QUIC codec (netty-incubator-codec-quic) which uses quiche. The issue is a hash collision in the hash map that manages connections, allowing a remote attacker to induce a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs), causing consi...
Linux Distros Unpatched Vulnerability : CVE-2021-41499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow Vulnerability exists in ajaxsoundstudio.com n Pyo 1.03 in the Serverdebug function, which allows remote attackers to conduct DoS attacks by...
Linux Distros Unpatched Vulnerability : CVE-2017-9263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Open vSwitch OvS 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort function for undefined role status reasons in the functio...
CVE-2025-24947
CVE-2025-24947 (LSQUIC) : LSQUIC (LiteSpeed QUIC) versions prior to 4.2.0 are affected by a hash collision vulnerability in the hash table used to manage connections. Remote attackers can trigger a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs) due to XXH32 usage,...
Updated libtasn1 packages fix security vulnerability
When an input DER data contains a large number of SEQUENCE OF or SET OF elements, decoding the data and searching a specific element in it take quadratic time to complete. This could be utilized for a remote DoS attack by presenting a crafted certificate to the network peer...
CVE-2024-30259
FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS...
Medium: jetty
Issue Overview: There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service DoS attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the...
Moderate: Red Hat Security Advisory: libreswan security update
An update for libreswan is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2017-13320
In impeg2dbitstreamflush of libmpeg2dec there is a possible OOB read due to a missing bounds check. This could lead to Remote DoS with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2017-13320
In impeg2dbitstreamflush of libmpeg2dec there is a possible OOB read due to a missing bounds check. This could lead to Remote DoS with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2017-13320
In impeg2dbitstreamflush of libmpeg2dec there is a possible OOB read due to a missing bounds check. This could lead to Remote DoS with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2021-1440
A vulnerability in the implementation of the Resource Public Key Infrastructure RPKI feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol BGP process to crash, resulting in a denial of service DoS condition. This vulnerability is du...
Eclipse Jetty DoS Vulnerability (GHSA-g8m5-722r-8whq) - Linux
Eclipse Jetty is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...
CVE-2024-42643
Integer Overflow in fastping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access...
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Impact Remote DOS attack can cause out of memory Description There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger...
Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks
Impact Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory. Patches https://github.com/jetty/jetty.project/pull/9715 https://github.com/jetty/jetty.project/pull/9716 Workarounds The session usage is intrinsic to the...
CVE-2024-8184 Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-8184 Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote which can be exploited by unauthorized users to cause remote denial-of-service DoS attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory...
CVE-2024-6762
CVE-2024-6762 is evidenced in Debian advisories as affecting Jetty 9 (Jetty9) where PushSessionCacheFilter (and PushCacheFilter) can be abused by unauthenticated actors to trigger remote DoS through memory exhaustion. Debian security updates fix Jetty9 in Debian 11 and 12: upgrade to Jetty 9.4.57...
CVE-2024-6762 Jetty PushSessionCacheFilter can cause remote DoS attacks
Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory...