CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

704 matches found

RedHat Linux•added 2024/04/04 3:23 p.m.•2 views

undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...

7.5CVSS7.1AI score0.04572EPSS

Exploits0References4

Tenable Nessus•added 2024/04/04 12:0 a.m.•35 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.16 Security update (Important) (RHSA-2024:1675)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1675 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

7.5CVSS7.1AI score0.93305EPSS

Exploits4References29

Microsoft KB•added 2024/03/22 7:0 a.m.•63 views

January 9, 2024-KB5034276 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11, version 21H2

January 9, 2024-KB5034276 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11, version 21H2 Release Date: January 9, 2024 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows 11, version...

9.8CVSS8.7AI score0.98832EPSS

Exploits1

GithubExploit•added 2024/03/11 10:14 a.m.•167 views

Exploit for Generation of Error Message Containing Sensitive Information in Microsoft

Leaking and Exploiting ObjRefs via HTTP .NET Remoting CVE-2...

7.5CVSS6.8AI score0.98832EPSS

Exploits1

OpenVAS•added 2024/03/08 12:0 a.m.•38 views

Fedora: Security Advisory for objenesis (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02557EPSS

Exploits3References2

Fedora•added 2024/03/07 10:33 p.m.•25 views

[SECURITY] Fedora 40 Update: objenesis-3.3-9.fc40

Objenesis is a small Java library that serves one purpose: to instantiate a new object of a particular class. Java supports dynamic instantiation of classes using Class.newInstance; however, this only works if the class has an appropriate constructor. There are many times when a class cannot be...

8.8CVSS8.9AI score0.02557EPSS

Exploits3

Github Security Blog•added 2024/02/20 12:30 a.m.•18 views

Undertow Uncontrolled Resource Consumption Vulnerability

7.5CVSS6.5AI score0.04572EPSS

Exploits0References19Affected Software1

OSV•added 2024/02/19 10:15 p.m.•1 views

DEBIAN-CVE-2024-1635

7.5CVSS7.2AI score0.04572EPSS

Exploits0References1

OSV•added 2024/02/19 10:15 p.m.•0 views

UBUNTU-CVE-2024-1635

7.5CVSS7AI score0.04572EPSS

Exploits0References4

Vulnrichment•added 2024/02/19 9:23 p.m.•29 views

CVE-2024-1635 Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol

7.5CVSS6.6AI score0.04572EPSS

Exploits0References15

Debian CVE•added 2024/02/19 9:23 p.m.•36 views

CVE-2024-1635

7.5CVSS7.4AI score0.04572EPSS

Exploits0

RedhatCVE•added 2024/02/19 5:50 p.m.•94 views

CVE-2024-1635

7.5CVSS7.5AI score0.04572EPSS

Exploits0References3

Kitploit•added 2023/12/01 11:30 a.m.•30 views

Aladdin - Payload Generation Technique That Allows The Deseriallization Of A .NET Payload And Execution In Memory

Aladdin is a payload generation technique based on the work of James Forshaw @tiraniddo that allows the deseriallization of a .NET payload and execution in memory. The original vector was documented on https://www.tiraniddo.dev/2017/07/dg-on-windows-10-s-executing-arbitrary.html. By spawning the...

7.5AI score

Exploits0References3

IBM Security Bulletins•added 2023/09/25 8:33 a.m.•24 views

Security Bulletin: Multiple vulnerabilities in Akka affect IBM Application Performance Management products.

Summary Akka actor jar is used by IBM Application Performance Management. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2017-1000034 DESCRIPTION: Akka could allow a remote attacker to execute arbitrary code on the system, caused by a Java...

9.3CVSS8.6AI score0.05666EPSS

Exploits0Affected Software1

NVD•added 2023/09/04 4:15 p.m.•21 views

CVE-2023-28072

Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system...

7.8CVSS7.8AI score0.00268EPSS

Exploits0References1

OSV•added 2023/09/04 4:15 p.m.•6 views

CVE-2023-28072

7.8CVSS6AI score0.00268EPSS

Exploits0References1

Prion•added 2023/09/04 4:15 p.m.•23 views

Deserialization of untrusted data

4.3CVSS7.7AI score0.00268EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/09/04 3:38 p.m.•12 views

CVE-2023-28072

7.8CVSS7.5AI score0.00268EPSS

Exploits0References1

Cvelist•added 2023/09/04 3:38 p.m.•18 views

CVE-2023-28072

7.8CVSS7.9AI score0.00268EPSS

Exploits0References1

CVE•added 2023/09/04 3:38 p.m.•35 views

CVE-2023-28072

CVE-2023-28072 affects Dell Alienware Command Center prior to 5.5.51.0. The issue is a deserialization of untrusted data via the application’s .NET Remoting server, enabling local code execution by a malicious local user through specially crafted requests. Multiple sources corroborate the vulnera...

7.8CVSS7.7AI score0.00268EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by