Lucene search
+L

488 matches found

OSV
OSV
added 2020/05/13 4:15 p.m.4 views

CVE-2020-9501

Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Key is used to authenticate the connection between the client tool and the platform. An attacker may use the leaked Cloud Key to impersonate the client to connect to the platform, resulting in...

5.5CVSS6.1AI score0.00321EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.9 views

The vulnerability of the crwimage_int.cpp component in the Exiv2 metadata management library allows a attacker to cause a service failure.

The vulnerability of the crwimageint.cpp component in the Exiv2 metadata management library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

4.3CVSS6.6AI score0.0235EPSS
Exploits1References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/03/26 12:0 a.m.7 views

The vulnerability of the SSH daemon on the RouterOS operating system of MikroTik allows a hacker to cause a service failure.

The vulnerability of the SSH daemon on the RouterOS operating system of MikroTik routers is related to an uncontrolled resource consumption. Exploiting this vulnerability allows a malicious actor to cause service failures by using system calls like connect and write...

7.8CVSS7.2AI score0.02594EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2020/03/05 7:1 p.m.7 views

envoy: Incorrect Access Control when using SDS with Combined Validation Context

An access control bypass vulnerability was found in envoy. When the same TLS secret is used across multiple resources, the client's data, such as the subject alternative name or hash, is not validated. This flaw could lead to a possible bypass of security restrictions...

5.3CVSS7.1AI score0.013EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/03/05 12:0 a.m.24 views

Cisco MDS 9000 Series Multilayer Switches Denial of Service Vulnerability

A denial of service DoS vulnerability exists in Cisco MDS 9000 Series Multilayer Switch due to improper resource usage control. An unauthenticated, remote attacker can exploit this issue, via sending traffic to the management interface mgmt0, to cause the system to stop responding. Please see the...

8.6CVSS7.9AI score0.01631EPSS
Exploits0References4
NVD
NVD
added 2020/02/26 5:15 p.m.14 views

CVE-2020-3175

A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper resource usage control. An...

8.6CVSS8.5AI score0.01631EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/02/24 12:0 a.m.6 views

The vulnerability of the Server:DDL component of the Oracle MySQL database management system allows a hacker to cause a service failure.

The vulnerability of the Server:DDL component of the Oracle MySQL database management system is related to an uncontrolled consumption of system resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

6.5CVSS7AI score0.03078EPSS
Exploits0References4Affected Software2
0day.today
0day.today
added 2020/02/03 12:0 a.m.146 views

BearFTP 0.1.0 - (PASV) Denial of Service Exploit

Exploit Title: BearFTP 0.1.0 - 'PASV' Denial of Service Exploit Author: kolya5544 Vendor Homepage: http://iktm.me/ Software Link: https://github.com/kolya5544/BearFTP/releases Version: v0.0.1 - v0.1.0 Tested on: Ubuntu 18.04 CVE : CVE-2020-8416 static void Mainstring args Console.WriteLine"DoS...

7.5CVSS7.6AI score0.14206EPSS
Exploits5
OSV
OSV
added 2020/01/31 1:15 p.m.15 views

CVE-2020-7218

HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 0.10.3...

7.5CVSS6.8AI score
Exploits0References2
Prion
Prion
added 2020/01/31 1:15 p.m.19 views

Denial of service

HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 0.10.3...

5CVSS7.5AI score0.01466EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2020/01/31 1:15 p.m.29 views

CVE-2020-7219

HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3...

7.5CVSS6.8AI score0.0201EPSS
Exploits0References3
OSV
OSV
added 2020/01/31 1:15 p.m.4 views

UBUNTU-CVE-2020-7218

HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 0.10.3...

7.5CVSS5.7AI score0.01466EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/01/31 12:39 p.m.43 views

CVE-2020-7219

HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3...

7.5AI score0.0201EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2020/01/31 12:26 p.m.48 views

CVE-2020-7218

Removed by vendor...

7.5CVSS7.5AI score0.01466EPSS
Exploits0
Cvelist
Cvelist
added 2020/01/31 12:26 p.m.23 views

CVE-2020-7218

HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 0.10.3...

7.5AI score0.01466EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2019/12/25 4:44 p.m.68 views

How Organizations Can Defend Against Advanced Persistent Threats

Advanced persistent threats APTs have emerged to be legitimate concerns for all organizations. APTs are threat actors that breach networks and infrastructures and stealthily lurk within them over extended spans of time. They typically perform complex hacks that allow them to steal or destroy data...

0.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/12/22 12:0 a.m.5 views

Vulnerability of the fastrpc_dma_buf_attach() function (driver/misc/fastrpc.c) in the Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the fastrpcdmabufattach function driver/misc/fastrpc.c in the Linux kernel involves uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8CVSS7.3AI score0.03422EPSS
Exploits0References11Affected Software2
RedhatCVE
RedhatCVE
added 2019/12/18 8:56 p.m.26 views

CVE-2019-12420

In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly...

7.5CVSS1.5AI score0.07234EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/12/13 12:0 a.m.6 views

The vulnerability of the i40e controller drivers for Intel Ethernet Series 700 models allows a hacker to cause a service failure.

The vulnerability of the i40e controller drivers for Intel Ethernet Series 700 models is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a perpetrator to cause service failures...

6.5CVSS6.1AI score0.00294EPSS
Exploits0References12Affected Software8
UbuntuCve
UbuntuCve
added 2019/12/12 11:15 p.m.28 views

CVE-2019-12420

In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly...

7.5CVSS6.8AI score0.07234EPSS
Exploits0References13
Rows per page
Query Builder