26 matches found
CVE-2025-63561
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a Slowloris-style Denial-of-Service (DoS) condition in the HTTP connection handling layer, where an attacker that opens and maintains many slow or partially-completed HTTP connections can exhaust the server’s...
EUVD-2019-7963
Malware in sbrugna...
EUVD-2019-6945
Malware in sbrugna...
EUVD-2020-14039
Malware in sbrugna...
CVE-2020-21266
Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulnerability...
Fortinet Fortigate Slow HTTP DoS Attacks Mitigation (FG-IR-19-013)
The version of Fortigate installed on the remote host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-19-013 advisory. - An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2,...
Mastodon Social Network Patches Critical Flaws Allowing Server Takeover
Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of users to potential attacks. Mastodon is known for its federated model, consisting of thousands of separate servers called "instances," and it has over 14...
CVE-2023-36461 Mastodon vulnerable to Denial of Service through slow HTTP responses
Mastodon is a free, open-source social network server based on ActivityPub. When performing outgoing HTTP queries, Mastodon sets a timeout on individual read operations. Prior to versions 3.5.9, 4.0.5, and 4.1.3, a malicious server can indefinitely extend the duration of the response through...
DDoS attacks in Q2 2022
News overview: Politically motivated cyberattacks dominated the DDoS landscape in the second quarter of 2022 just as they did in the previous reporting period. ALtahrea Team, a group targeting NATO and its partners, attacked public transportation websites in Israel and the United Kingdom. Israel s...
VMSA-2022-0004: VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities
Advisory ID: VMSA-2022-0004; CVSSv3 Range: 5.3-8.4; Issue Date: 2022-02-15; Updated On: 2022-02-15 (Initial Advisory); CVEs: CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050; Synopsis: VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities...
Broadleaf Commerce Cross-Site Scripting Vulnerability
Broadleaf Commerce is a Java open-source e-commerce website framework from the Broadleaf Commerce team. A cross-site scripting vulnerability exists in Broadleaf Commerce version 5.1.14-GA, which stems from a slow HTTP post vulnerability. An attacker can exploit this vulnerability to execute JavaScript...
CVE-2020-21266
Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulnerability...
ALPINE-CVE-2019-17657
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service (DoS) via handling special crafted HTTP...
CVE-2019-17657
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service (DoS) via handling special crafted HTTP...
Denial of service
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service (DoS) via handling special crafted HTTP...
CVE-2019-17657
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service (DoS) via handling special crafted HTTP...
CVE-2019-17657
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service (DoS) via handling special crafted HTTP...
CVE-2019-17657
CVE-2019-17657 describes an Uncontrolled Resource Consumption DoS in Fortinet devices: FortiSwitch (<3.6.11, <6.0.6, <6.2.2), FortiAnalyzer (<6.2.3), FortiManager (<6.2.3), and FortiAP-S/W2 (<6.2.2). The vulnerability allows an attacker to exhaust admin webUI resources by sending specially crafted HTTP requests/re...
Protect
An Uncontrolled Resource Consumption vulnerability in multiple products may allow an attacker to cause web service portal denial of service (DoS) via handling special crafted HTTP requests/responses in pieces slowly. Slow HTTP attacks are denial-of-service (DoS) attacks in which the attacker sends HT...
Security Bulletin: IBM Security Access Manager vulnerable to Slow HTTP Attack (CVE-2019-4036)
Summary: The IBM Security Access Manager product can be attacked using the Slowloris denial-of-service attack. Vulnerability Details: CVEID: CVE-2019-4036. DESCRIPTION: IBM Security Access Manager Appliance could allow an unauthenticated attacker to cause a denial of service in the reverse proxy...