Lucene search
K

33 matches found

SUSE CVE
SUSE CVE
added 2025/09/18 11:26 p.m.4 views

SUSE CVE-2025-30187

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources...

3.7CVSS6.8AI score0.00271EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/18 9:21 a.m.3 views

CVE-2025-30187 Denial of service via crafted DoH exchange in PowerDNS DNSdist

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources...

3.7CVSS6.3AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 2025/09/18 9:21 a.m.24 views

CVE-2025-30187

DNSdist is vulnerable when configured to use the nghttp2 library to process DoH queries. The issue is an unbounded I/O read loop in the DoH path that can cause CPU resource exhaustion (DoS). Affected code appears post-1.9.0-alpha1; various advisories recommend upgrading DNSdist to fixed releases....

3.7CVSS6.3AI score0.00271EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/18 9:21 a.m.12 views

CVE-2025-30187 Denial of service via crafted DoH exchange in PowerDNS DNSdist

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources...

3.7CVSS0.00271EPSS
Exploits0References1
OSV
OSV
added 2023/02/16 3:15 p.m.8 views

UBUNTU-CVE-2023-25153

containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug h...

6.2CVSS6.8AI score0.00363EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/06/06 12:0 a.m.4 views

CRI-O 资源管理错误漏洞

CRI-O is a lightweight container runtime environment for Kubernetes systems. CRI-O suffers from a resource management error vulnerability that stems from a lack of size limitations on CRI-O read output. An attacker could create larger output to exploit the vulnerability to affect the availability...

7.8CVSS7.4AI score0.02827EPSS
Exploits1References20
OSV
OSV
added 2021/03/08 5:15 a.m.4 views

UBUNTU-CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

4.9CVSS5.8AI score0.01871EPSS
Exploits0References6
NVD
NVD
added 2020/11/11 4:15 a.m.21 views

CVE-2020-16127

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...

5.5CVSS4.4AI score0.00409EPSS
Exploits2References1
Cvelist
Cvelist
added 2020/11/11 4:10 a.m.30 views

CVE-2020-16127 accountsservice .pam_environment infinite loop

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...

2.8CVSS5.4AI score0.00409EPSS
Exploits2References1
Debian CVE
Debian CVE
added 2020/11/11 4:10 a.m.30 views

CVE-2020-16127

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...

5.5CVSS5.9AI score0.00409EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2020/11/03 12:0 a.m.27 views

CVE-2020-16127

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...

5.5CVSS6.5AI score0.00409EPSS
Exploits2References2
OSV
OSV
added 2020/11/03 12:0 a.m.4 views

UBUNTU-CVE-2020-16127

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...

5.5CVSS6.5AI score0.00409EPSS
Exploits2References3
Saint
Saint
added 2020/03/24 12:0 a.m.215 views

netkit telnetd nextitem vulnerability

Added: 03/24/2020 Background netkit telnetd is a server implementation of the Telnet protocol which comes with many Linux and Unix operating systems. Problem An unbounded read and write condition in the nextitem function allows remote attackers to execute arbitrary commands on the server...

0.9AI score
Exploits0
Rows per page
Query Builder