EUVD-2016-4968

Malware in sbrugna...

CVE-2023-21751

Azure DevOps Server Spoofing Vulnerability...

Cesanta Mongoose 安全漏洞

Cesanta Mongoose is a set of embedded server libraries from the Irish company Cesanta, which includes features such as TCP, HTTP client and server, and WenSocket client and server. A security vulnerability exists in Cesanta Mongoose version 6.18, which stems from a buffer overflow in...

The vulnerability of Zyxel 5G NR/4G LTE CPE router servers’ libraries allows a hacker to execute arbitrary commands and cause service interruptions.

The vulnerability of the Zyxel 5G NR/4G LTE CPE router server libraries is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and cause service failures...

GO-2022-0166 Denial of service due to unchecked parameters in crypto/dsa

The Verify function in crypto/dsa passed certain parameters unchecked to the underlying big integer library, possibly leading to extremely long-running computations, which in turn makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client certificates or the Go...

Mageia: Security Advisory (MGASA-2016-0207)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cesanta Mongoose Input Validation Error Vulnerability

Cesanta Mongoose is a set of embedded server libraries from the Irish company Cesanta, which includes features such as TCP, HTTP client and server, WenSocket client and server. An input validation error vulnerability exists in Cesanta Mongoose. The vulnerability stems from a network system or...

DEBIAN-CVE-2019-7659

Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service application abort or possibly have unspecified other impact if a server application is built with the -DWITHCOOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++ librarie...

Updated golang package fixes CVE-2016-3959

Updated golang packages fix security vulnerability: Go has an infinite loop in several big integer routines that makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client authentication or the Go ssh server libraries are both exposed to this vulnerability...

CVE-2016-3959

The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service infinite loop via a crafted public key to a program that uses HTTPS client...

Design/Logic Flaw

The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service infinite loop via a crafted public key to a program that uses HTTPS client...

UBUNTU-CVE-2016-3959

The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service infinite loop via a crafted public key to a program that uses HTTPS client...

go -- remote denial of service

Jason Buberel reports: Go has an infinite loop in several big integer routines that makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client authentication or the Go ssh server libraries are both exposed to this vulnerability...