Lucene search
K

227 matches found

Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.11 views

PT-2023-24680 · Zxcvbn-Ts · Zxcvbn-Ts

Name of the Vulnerable Software and Affected Versions: zxcvbn-ts versions prior to 3.0.2 Description: This issue affects users running on the NodeJS platform who are using the second argument of the zxcvbn function. It can result in unbounded resource consumption as the user inputs array is...

7.5CVSS7.4AI score0.00496EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2023/05/24 12:0 a.m.34 views

bind security and bug fix update

32:9.11.36-8 - Correct regression preventing bind-dyndb-ldap build 2133889 32:9.11.36-7 - Prevent excessive resource use while processing large delegations. CVE-2022-2795 32:9.11.36-6 - Prevent freeing zone during statistics rendering 2101712...

5.3CVSS7.1AI score0.01495EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/05/18 12:14 a.m.3 views

golang: net/http, mime/multipart: denial of service from excessive resource consumption

A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service...

7.5CVSS6.7AI score0.01231EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2023/05/15 11:15 a.m.6 views

CVE-2023-23447

Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to influence the availability of the webserver by invocing several open file requests via the REST interface...

7.5CVSS7.1AI score0.01117EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.4 views

Intel Unite 资源管理错误漏洞

Intel Unite is a suite of enterprise meeting collaboration solutions from Intel Corporation USA. A security vulnerability exists in Intel Unite prior to version 17 that stems from uncontrolled resource consumption, which can lead to a denial of service...

5.5CVSS5.7AI score0.00174EPSS
Exploits0References2
CloudLinux
CloudLinux
added 2023/05/04 9:42 p.m.125 views

openssl: Fix of 3 CVEs

CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints - CVE-2023-0466: Fix documentation of X509VERIFYPARAMadd0policy - CVE-2022-3996: Drop redundant flag setting in policycachesetmapping...

7.5CVSS6.6AI score0.03658EPSS
Exploits0
OSV
OSV
added 2023/05/04 9:20 p.m.8 views

CLSA-2023-1683235231 openssl: Fix of 3 CVEs

CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints - CVE-2023-0466: Fix documentation of X509VERIFYPARAMadd0policy - CVE-2022-3996: Drop redundant flag setting in policycachesetmapping...

7.5CVSS5.8AI score0.03658EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/03 12:0 a.m.4 views

F5 BIG-IP 资源管理错误漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. F5 BIG-IP suffers from a resource management error vulnerability that originates from uncontrolled resource consumption by an...

5.3CVSS6.7AI score0.00557EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/04/20 12:0 a.m.6 views

The vulnerability of cloud-based software for creating and using Nextcloud storage solutions allows a attacker to cause service failures.

The vulnerability of cloud-based software for creating and using Nextcloud storage solutions is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.8CVSS6.8AI score0.01373EPSS
Exploits1References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/04/12 12:0 a.m.5 views

The vulnerability in operating systems such as MacOS, iOS, tvOS, iPadOS, and watchOS, related to uncontrolled resource consumption during certificate processing, allows attackers to trigger service failures.

The vulnerability of operating systems such as MacOS, iOS, tvOS, iPadOS, and watchOS is related to an uncontrolled consumption of resources during the processing of certificates. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.1AI score0.00605EPSS
Exploits0References5Affected Software5
OSV
OSV
added 2023/03/22 5:15 p.m.8 views

AZL-25709 CVE-2023-0464 affecting package rust for versions less than 1.68.0-1

A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of...

7.5CVSS6.5AI score0.03658EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/28 12:0 a.m.4 views

Dell PowerScale OneFS 资源管理错误漏洞

Dell PowerScale OneFS is an operating system from Dell USA Inc. Dell PowerScale OneFS is vulnerable to a resource management error that stems from the presence of uncontrolled resource consumption, which could be exploited by an attacker to compromise built-in hardware management functions and...

7.5CVSS6.7AI score0.00616EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2023/01/24 12:0 a.m.80 views

bind security update

32:9.11.4-26.P2.13 - Tighten cache protection against record from forwarders CVE-2021-25220 32:9.11.4-26.P2.12 - Include test of forwarders CVE-2021-25220 32:9.11.4-26.P2.11 - Prevent excessive resource use while processing large delegations. CVE-2022-2795...

6.8CVSS7.8AI score0.0325EPSS
Exploits0
Snyk
Snyk
added 2023/01/10 10:43 p.m.2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS by sending an invalid request to an exposed endpoint. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...

7.5CVSS7AI score0.0274EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/30 12:0 a.m.6 views

The vulnerability of the dialog plugin for the WYSIWYG editor CKEditor, which allows a hacker to trigger a service failure.

The vulnerability of the dialog plugin in the WYSIWYG editor CKEditor is related to an uncontrolled resource consumption during the processing of regular expressions for validation purposes. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.7AI score0.02448EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2022/11/23 10:11 p.m.6 views

CLSA-2022-1669241475 Fix CVE(s): CVE-2022-45061

SECURITY UPDATE: Uncontrolled resource consumption - debian/patches/CVE-2022-45061.patch: Fix quadratic time idna decoding - CVE-2022-45061 Fix the tests: Certificates were expired - debian/patches/update-test-certs-and-keys.patch: Update test certs and keys...

7.5CVSS6.8AI score0.02453EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.19 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in its uncontrolled resource consumption, which allows attackers to trigger service interruptions.

The vulnerability of Websoft HCM’s automation software for HR processes is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.8CVSS5.4AI score
Exploits0Affected Software1
Fedora
Fedora
added 2022/10/05 1:50 p.m.36 views

[SECURITY] Fedora 35 Update: lighttpd-1.4.67-1.fc35

lighttpd pronounced /lighty/ is a secure, fast, compliant, and very flexible web server that has been optimized for high-performance environments. lighttpd uses memory and CPU efficiently and has lower resource use than other popular web servers. Its advanced feature-set FastCGI, CGI, Auth,...

7.5CVSS7.7AI score0.02714EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2022/09/23 12:0 a.m.5 views

The vulnerability of the SPICE remote virtual desktop rendering system, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.

The vulnerability of the SPICE remote virtual desktop rendering system is related to significantly lower resource consumption on the client side compared to the server when establishing a new SSL connection. Exploiting this vulnerability allows a malicious actor to cause service interruptions...

5.3CVSS6.4AI score0.02703EPSS
Exploits1References13Affected Software5
OpenVAS
OpenVAS
added 2022/09/22 12:0 a.m.36 views

Slackware: Security Advisory (SSA:2022-264-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.02299EPSS
Exploits0References6
Rows per page
Query Builder