Lucene search
+L

6 matches found

Github Security Blog
Github Security Blog
added 2026/03/31 11:54 p.m.17 views

OpenClaw: Gateway WebSocket Denial of Service via unbounded pre-auth upgrades

Summary The gateway accepted unbounded concurrent unauthenticated WebSocket upgrades before allocating them to an authenticated session budget. Impact An unauthenticated network attacker could consume socket and worker capacity and disrupt WebSocket availability for legitimate clients. Affected...

8.7CVSS5.9AI score0.00318EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/18 10:1 a.m.4 views

OPENSUSE-SU-2026:20384-1 Security update for libsoup

This update for libsoup fixes the following issues: Update to libsoup 3.6.6: - CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion bsc1252555. - CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy bsc1254876. - CVE-2025-32049:...

9.1CVSS7AI score0.00821EPSS
Exploits2References18
NVD
NVD
added 2024/12/13 6:15 a.m.29 views

CVE-2024-11835

Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue affects PlexTrac: from 1.61.3 before 2.8.1...

7.5CVSS0.00379EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 5:49 a.m.82 views

CVE-2024-11835

The CVE-2024-11835 entry concerns an Uncontrolled Resource Consumption vulnerability in PlexTrac that enables a WebSocket DoS . Affected are PlexTrac versions from 1.61.3 through before 2.8.1. The issue arises from uncontrolled resource usage, which can exhaust server resources and potentially di...

7.5CVSS6.6AI score0.00379EPSS
Exploits0References1Affected Software1
Amazon
Amazon
added 2023/09/25 12:0 a.m.9 views

Important: tomcat

Issue Overview: A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker without access to the Tomcat process or configuration files could be able to manipulate the RMI registry to perform a man-in-the-middle attack. The attacker could...

7.5CVSS6.9AI score0.87553EPSS
Exploits2
OSV
OSV
added 2020/09/11 9:13 a.m.29 views

SUSE-SU-2020:2611-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2020-1935: Fixed an HTTP request smuggling vulnerability bsc1164860. - CVE-2020-13935: Fixed a WebSocket DoS bsc1174117...

7.5CVSS6.4AI score0.87553EPSS
Exploits1References5
Rows per page
Query Builder