Lucene search
+L

73 matches found

CNNVD
CNNVD
added 2025/10/14 12:0 a.m.5 views

Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP 安全漏洞

The Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP is an industrial grade DC uninterruptible power supply module from Phoenix Contact, Germany. A security vulnerability exists in the Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP that originates from an unauthenticated, remote attacker who can obtain...

6.8CVSS6.8AI score0.00432EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.8 views

PT-2025-41855

Name of the Vulnerable Software and Affected Versions Webfrontend affected versions not specified Description An unauthenticated remote attacker performing a man-in-the-middle MITM attack can intercept websocket messages. This interception allows access to login credentials for the Webfrontend. T...

6.8CVSS6.5AI score0.00432EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6822

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0059EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/09/30 12:0 a.m.6 views

Amazon Linux 2 : libsoup, --advisory ALAS2-2025-3006 (ALAS-2025-3006)

The version of libsoup installed on the remote host is prior to 2.56.0-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3006 advisory. A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate...

7.5CVSS7.3AI score0.00821EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-32049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial o...

7.5CVSS7AI score0.00821EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/26 8:53 a.m.4 views

libsoup: Denial of Service attack to websocket server

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...

7.5CVSS7.3AI score0.00821EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/05/26 6:45 a.m.4 views

libsoup: Denial of Service attack to websocket server

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...

7.5CVSS7.3AI score0.00821EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 4:42 a.m.11 views

CVE-2023-48003

An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the 'meta http-equiv="refresh"' in the WebSocket messages...

6.1CVSS7.1AI score0.0046EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 p.m.8 views

CVE-2021-37840

aaPanel through 6.8.12 allows Cross-Site WebSocket Hijacking CSWH involving OS commands within WebSocket messages at a ws:// URL for /webssh the victim must have configured Terminal with at least one host. Successful exploitation depends on the browser used by a potential victim e.g., exploitatio...

8.8CVSS7AI score0.01661EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.12 views

PT-2025-15840 · Totvs · Totvs Framework

Name of the Vulnerable Software and Affected Versions: TOTVS Framework Linha Protheus version 12.1.2310 Description: An issue in the software allows attackers to bypass multi-factor authentication MFA via a crafted websocket message. Recommendations: For version 12.1.2310, consider disabling...

9.8CVSS6.4AI score0.0052EPSS
Exploits0References5
OSV
OSV
added 2025/04/03 2:15 p.m.2 views

DEBIAN-CVE-2025-32049

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...

7.5CVSS7.3AI score0.00821EPSS
Exploits0References1
OSV
OSV
added 2025/04/03 2:15 p.m.3 views

UBUNTU-CVE-2025-32049

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...

7.5CVSS7.1AI score0.00821EPSS
Exploits0References3
Veracode
Veracode
added 2025/04/01 2:34 a.m.8 views

Denial Of Service (DoS)

Aimhubio/aim is vulnerable to a Denial Of Service DoS. The vulnerability is due to the tracking server overriding the maximum size for websocket messages, allowing very large images to be tracked, which causes the server to become unresponsive to other requests...

7.5CVSS7AI score0.0059EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.20 views

Aim Uncontrolled Resource Consumption vulnerability

In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...

7.5CVSS6.7AI score0.0059EPSS
Exploits1References3Affected Software1
Snyk
Snyk
added 2025/03/20 12:32 p.m.4 views

Denial of Service (DoS)

Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Denial of Service DoS through the tracking server. An attacker can cause the server to become unresponsive to other requests by sending very large images that exceed...

8.7CVSS7.1AI score0.0059EPSS
Exploits1References2
OSV
OSV
added 2025/03/20 12:32 p.m.43 views

GHSA-J5QJ-RG5J-J7C2 Aim Uncontrolled Resource Consumption vulnerability

In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...

7.5CVSS7AI score0.0059EPSS
Exploits1References3
NVD
NVD
added 2025/03/20 10:15 a.m.21 views

CVE-2025-0189

In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...

7.5CVSS0.0059EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.6 views

CVE-2025-0189 Denial of Service in aimhubio/aim

In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...

7.5CVSS7.5AI score0.0059EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:10 a.m.90 views

CVE-2025-0189

CVE-2025-0189 affects aimhubio/aim version 3.25.0 where the tracking server allows oversized websocket messages, overriding the maximum size and causing DoS as it processes very large images. This makes the server unresponsive to other requests. According to the sources, there is no fixed version...

7.5CVSS7.5AI score0.0059EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/03/20 10:10 a.m.8 views

CVE-2025-0189 Denial of Service in aimhubio/aim

In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large...

7.5CVSS7AI score0.0059EPSS
Exploits1References3
Rows per page
Query Builder