8 matches found
PT-2025-49034
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to a livelock in synchronous file put operations from fuseblk workers. This issue can lead to a hang when running tests that involve opening a...
CVE-2025-52494
Adacore Ada Web Server AWS before 25.2 is vulnerable to a denial-of-service DoS condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...
GHSA-QCXH-W3J9-58QR Apache Tomcat Denial of Service vulnerability
The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servle...
tomcat: Apache Tomcat HTTP/2 DoS
A flaw was found in Apache Tomcat, where the HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open, which enables them to cause server-side threads to block. This flaw eventually leads to a denial of service attack...
Denial of Service in manolo/gwtupload
Overview com.googlecode.gwtupload:gwtupload is a library for uploading files to web servers, showing a progress bar with real information about the process file size, bytes transferred, etc. Affected versions of this package are vulnerable to Denial of Service DoS. server/UploadServlet.java the...
tomcat: Apache Tomcat HTTP/2 DoS
A flaw was found in Apache Tomcat, where the HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open, which enables them to cause server-side threads to block. This flaw eventually leads to a denial of service attack...
Apache 2.4.17 / 2.4.18 DoS
According to its banner, the version of Apache running on the remote host is either 2.4.17 or 2.4.18. A denial of service DoS vulnerability exists in server threads due to a lengthy thread-block time. An unauthenticated, remote attacker can exploit this issue, to block server threads, and causing...
ALPINE-CVE-2018-17189
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections...