Lucene search

20 matches found

Cvelist
added 3 days ago, 22 views

CVE-2026-37234

FlexRIC v2.0.0 allows a single SCTP connection to bind multiple xappids by sending multiple E42SETUPREQUESTs. On disconnect, only the first registered xappid's resources are cleaned up; subsequent xappids and their subscriptions remain as stale entries. A remote attacker can exploit this to leak...

0.00107 EPSS
Exploits 0, References 2
Github Security Blog
added 2026/05/08 7:12 p.m., 4 views

Zebra has Permanent Block Discovery Halt via Gossip Queue Saturation and Syncer Poisoning

Summary: A composite denial-of-service vulnerability in Zebra's block discovery pipeline allows an unauthenticated remote attacker to permanently halt all new block discovery on a targeted node. The attack exploits three independent weaknesses in the gossip, syncer, and download subsystems — all...

8.7 CVSS, 5.8 AI score, 0.00137 EPSS
Exploits 0, References 3, Affected Software 1
AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in jetty9

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that ...

5.8 CVSS, 6.4 AI score, 0.00599 EPSS
Exploits 0, References 1
SUSE CVE
added 2026/04/23 1:24 a.m., 2 views

SUSE CVE-2026-33595

A client can trigger excessive memory allocation by generating a lot of error responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...

7.5 CVSS, 5.8 AI score, 0.00005 EPSS
Exploits 0, References 3
Vulnrichment
added 2026/04/22 1:47 p.m., 3 views

CVE-2026-33595 DoQ/DoH3 excessive memory allocation

A client can trigger excessive memory allocation by generating a lot of error responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...

5.3 CVSS, 5.8 AI score, 0.00005 EPSS
Exploits 0, References 1
CVE
added 2026/04/22 1:47 p.m., 6 views

CVE-2026-33595

The connected documents independently confirm CVE-2026-33595 affects PowerDNS DNSdist, describing a flaw where a client can trigger excessive memory allocation by generating many error responses over a single DoQ/DoH3 connection, with resources not released until connection end. This is the state...

7.5 CVSS, 5.8 AI score, 0.00005 EPSS
Exploits 0, References 1, Affected Software 1
Positive Technologies
added 2026/04/22 12:0 a.m., 1 views

PT-2026-34439

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined (affected versions not specified). Description: A client can trigger excessive memory allocation by generating numerous error responses over a single DoQ (DNS over QUIC) and DoH3 (DNS over HTTP/3) connection,...

7.5 CVSS, 5.1 AI score, 0.00005 EPSS
Exploits 0, References 16
CNNVD
added 2026/04/22 12:0 a.m., 3 views

PowerDNS DNSdist security vulnerability

PowerDNS DNSdist is a proxy software provided by PowerDNS that offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a security vulnerability that stems from the ability of clients to trigger excessive memory allocation by generating numerous error...

7.5 CVSS, 5.8 AI score, 0.00005 EPSS
Exploits 0, References 2
Cvelist
added 2025/11/06 7:12 a.m., 4 views

CVE-2025-10259 Denial-of-Service(DoS) Vulnerability in TCP Communication Function on MELSEC iQ-F Series CPU module

Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote attacker to disconnect the connection by sending specially crafted TCP packets to cause a denial-of-service (DoS) condition...

5.3 CVSS, 0.00034 EPSS
Exploits 0, References 3
OSV
added 2025/08/13 1:15 p.m., 0 views

UBUNTU-CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the serv...

7.5 CVSS, 5.8 AI score, 0.00928 EPSS
Exploits 3, References 13
OSV
added 2025/05/20 12:15 p.m., 0 views

UBUNTU-CVE-2025-30193

In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of...

7.5 CVSS, 7.3 AI score, 0.00154 EPSS
Exploits 0, References 6
OSV
added 2023/10/25 9:17 p.m., 50 views

GHSA-M425-MQ94-257G gRPC-Go HTTP/2 Rapid Reset vulnerability

Impact: In affected releases of gRPC-Go, it is possible for an attacker to send HTTP/2 requests, cancel them, and send subsequent requests, which is valid by the HTTP/2 protocol, but would cause the gRPC-Go server to launch more concurrent method handlers than the configured maximum stream limit...

7.5 CVSS, 7.8 AI score, 0.944 EPSS
Exploits 19, References 5
SUSE CVE
added 2023/02/15 3:52 a.m., 1 views

SUSE CVE-2020-27218

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that ...

4.8 CVSS, 6.9 AI score, 0.00599 EPSS
Exploits 0, References 5
RedHat Linux
added 2021/05/18 3:6 p.m., 2 views

spice: Client initiated renegotiation denial of service

A flaw was found in spice. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection...

5.3 CVSS, 5.8 AI score, 0.00866 EPSS
Exploits 1, References 5
RedHat Linux
added 2021/02/02 7:36 a.m., 2 views

jetty: buffer not correctly recycled in Gzip Request inflation

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that ...

5.8 CVSS, 7.2 AI score, 0.00599 EPSS
Exploits 0, References 5
RedHat Linux
added 2020/04/28 3:55 p.m., 2 views

bind: TCP Pipelining doesn't limit TCP clients on a single connection

A flaw was found in the way bind limited the number of TCP clients that can be connected at any given time. A remote attacker could use one TCP client to send a large number of DNS requests over a single connection, causing exhaustion of the pool of file descriptors available to named, and...

7.5 CVSS, 7.1 AI score, 0.05682 EPSS
Exploits 0, References 5
OSV
added 2019/06/11 10:29 p.m., 1 views

ALPINE-CVE-2019-12795

daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. Note that the server socket...

7.8 CVSS, 6.6 AI score, 0.00066 EPSS
Exploits 0, References 1
The Hacker News
added 2015/02/19 5:39 a.m., 20 views

What is HTTP/2 ? Next-Gen Protocol For Faster and Safer Internet

Good news for Internet folks! Get ready, as the entire web you know is about to change. The new and long-awaited version of HTTP took a major step toward becoming a reality on Wednesday – it has been officially finalized and approved. Mark Nottingham, chairman of the Internet Engineering Task Force...

6.6 AI score
Exploits 0
NVD
added 2002/12/31 5:0 a.m., 9 views

CVE-2002-2243

Akfingerd 0.5 and possibly earlier versions only allows one connection at a time and does not time out connections, which allows remote attackers to cause a denial of service (refused connections) by opening a connection and not closing it...

5 CVSS, 6.7 AI score, 0.00734 EPSS
Exploits 0, References 4
securityvulns
added 2002/10/29 12:0 a.m., 25 views

MDaemon DoS

The server allows only one connection, which is not disconnected on timeout. In addition, there is a buffer overflow in IMAP...

0.5 AI score
Exploits 0, References 2, Affected Software 1