73 matches found
Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP 安全漏洞
The Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP is an industrial grade DC uninterruptible power supply module from Phoenix Contact, Germany. A security vulnerability exists in the Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP that originates from an unauthenticated, remote attacker who can obtain...
PT-2025-41855
Name of the Vulnerable Software and Affected Versions Webfrontend affected versions not specified Description An unauthenticated remote attacker performing a man-in-the-middle MITM attack can intercept websocket messages. This interception allows access to login credentials for the Webfrontend. T...
EUVD-2025-6822
Malicious code in bioql PyPI...
Amazon Linux 2 : libsoup, --advisory ALAS2-2025-3006 (ALAS-2025-3006)
The version of libsoup installed on the remote host is prior to 2.56.0-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3006 advisory. A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate...
Linux Distros Unpatched Vulnerability : CVE-2025-32049
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial o...
libsoup: Denial of Service attack to websocket server
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
libsoup: Denial of Service attack to websocket server
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
CVE-2023-48003
An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the 'meta http-equiv="refresh"' in the WebSocket messages...
CVE-2021-37840
aaPanel through 6.8.12 allows Cross-Site WebSocket Hijacking CSWH involving OS commands within WebSocket messages at a ws:// URL for /webssh the victim must have configured Terminal with at least one host. Successful exploitation depends on the browser used by a potential victim e.g., exploitatio...
PT-2025-15840 · Totvs · Totvs Framework
Name of the Vulnerable Software and Affected Versions: TOTVS Framework Linha Protheus version 12.1.2310 Description: An issue in the software allows attackers to bypass multi-factor authentication MFA via a crafted websocket message. Recommendations: For version 12.1.2310, consider disabling...
DEBIAN-CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
UBUNTU-CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
Denial Of Service (DoS)
Aimhubio/aim is vulnerable to a Denial Of Service DoS. The vulnerability is due to the tracking server overriding the maximum size for websocket messages, allowing very large images to be tracked, which causes the server to become unresponsive to other requests...
Aim Uncontrolled Resource Consumption vulnerability
In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...
Denial of Service (DoS)
Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Denial of Service DoS through the tracking server. An attacker can cause the server to become unresponsive to other requests by sending very large images that exceed...
GHSA-J5QJ-RG5J-J7C2 Aim Uncontrolled Resource Consumption vulnerability
In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...
CVE-2025-0189
In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...
CVE-2025-0189 Denial of Service in aimhubio/aim
In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...
CVE-2025-0189
CVE-2025-0189 affects aimhubio/aim version 3.25.0 where the tracking server allows oversized websocket messages, overriding the maximum size and causing DoS as it processes very large images. This makes the server unresponsive to other requests. According to the sources, there is no fixed version...
CVE-2025-0189 Denial of Service in aimhubio/aim
In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...