Lucene search

5299 matches found

UbuntuCve
added 2021/09/05 6:15 p.m., 32 views

CVE-2021-40516

WeeChat before 3.2.1 allows remote attackers to cause a denial of service crash via a crafted WebSocket frame that triggers an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin...

CVSS 7.5 | AI score 7.1 | EPSS 0.01543
Exploits: 0 | References: 4

Prion
added 2021/09/05 6:15 p.m., 16 views

Out-of-bounds

WeeChat before 3.2.1 allows remote attackers to cause a denial of service crash via a crafted WebSocket frame that triggers an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin...

CVSS 5 | AI score 7 | EPSS 0.01543
Exploits: 0 | References: 3 | Affected Software: 2

OSV
added 2021/09/05 6:15 p.m., 0 views

UBUNTU-CVE-2021-40516

WeeChat before 3.2.1 allows remote attackers to cause a denial of service crash via a crafted WebSocket frame that triggers an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin...

CVSS 7.5 | AI score 7.2 | EPSS 0.01543
Exploits: 0 | References: 5

CVE
added 2021/09/05 5:14 p.m., 106 views

CVE-2021-40516

CVE-2021-40516 affects WeeChat before 3.2.1. The vulnerability is in the Relay plugin’s WebSocket handling, specifically an out-of-bounds read in plugins/relay/relay-websocket.c, which an attacker can trigger remotely to cause a denial of service (crash). Connected sources confirm affected versio...

CVSS 7.5 | AI score 7 | EPSS 0.01543
Exploits: 0 | References: 3 | Affected Software: 1

Debian CVE
added 2021/09/05 5:14 p.m., 28 views

CVE-2021-40516

WeeChat before 3.2.1 allows remote attackers to cause a denial of service crash via a crafted WebSocket frame that triggers an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin...

CVSS 7.5 | AI score 4.8 | EPSS 0.01543
Exploits: 0

AlpineLinux
added 2021/09/05 5:14 p.m., 43 views

CVE-2021-40516

WeeChat before 3.2.1 allows remote attackers to cause a denial of service crash via a crafted WebSocket frame that triggers an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin...

CVSS 7.5 | AI score 7.2 | EPSS 0.01543
Exploits: 0

CNNVD
added 2021/09/05 12:0 a.m., 12 views

WeeChat Buffer Error Vulnerability

A security vulnerability in WeeChat, an extensible live chat client application, stems from the fact that WeeChat before version 3.2.1 allows remote attackers to trigger, via a crafted WebSocket frame, an out-of-bounds read, resulting in a denial of service crash. No detailed vulnerability...

CVSS 7.5 | AI score 5.6 | EPSS 0.01543
Exploits: 0 | References: 6

FreeBSD
added 2021/09/04 12:0 a.m., 9 views

WeeChat -- Crash when decoding a malformed websocket frame in relay plugin.

The WeeChat project reports: Crash when decoding a malformed websocket frame in relay plugin...

AI score 1.5
Exploits: 0 | References: 2

CNVD
added 2021/08/26 12:0 a.m., 24 views

F5 BIG-IP Advanced WAF and ASM WebSocket Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP Advanced WAF and ASM WebSocket, which originates from the BIG-IP...

CVSS 7.5 | AI score 3.1 | EPSS 0.00904
Exploits: 0 | References: 1

CNVD
added 2021/08/26 12:0 a.m., 29 views

F5 BIG-IP Advanced WAF and ASM WebSocket Denial of Service Vulnerability (CNVD-2021-65633)

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. When a Websocket profile is configured on the Virtual server of BIG-IP AWAF/ASM, undisclosed requests may cause the BD proces...

CVSS 7.5 | AI score 3.1 | EPSS 0.0093
Exploits: 0 | References: 1

vulnersOsv
added 2021/08/25 8:51 p.m., 2 views

buttplug_ws_connector (=0.0.1), healslut (=0.1.0) +1 more potentially affected by CVE-2020-36218 via buttplug (>=0.0.2 <=0.9.2)

buttplug CARGO version =0.0.2, =0.0.1, =20.0.0 Source cves: CVE-2020-36218 Source advisory: OSV:GHSA-R7RV-2RPH-HVHJ...

CVSS 5.9 | AI score 6.2 | EPSS 0.01107
Exploits: 1

Tenable Nessus
added 2021/08/25 12:0 a.m., 29 views

F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K42051445)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K42051445 advisory. - On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2, 15.1.x befo...

CVSS 7.5 | AI score 7.8 | EPSS 0.0093
Exploits: 0 | References: 2

Tenable Nessus
added 2021/08/25 12:0 a.m., 36 views

F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K05314769)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K05314769 advisory. - On BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15.1.x before 15.1.3.1,...

CVSS 7.5 | AI score 7.8 | EPSS 0.00904
Exploits: 0 | References: 2

CNNVD
added 2021/08/24 12:0 a.m., 4 views

F5 BIG-IP Input Validation Error Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP Advanced WAF and ASM WebSocket, which originates from the BIG-IP...

CVSS 7.5 | AI score 5.8 | EPSS 0.00904
Exploits: 0 | References: 3

CNNVD
added 2021/08/24 12:0 a.m., 3 views

F5 BIG-IP Input Validation Error Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. When a Websocket profile is configured on the Virtual server of BIG-IP AWAF/ASM, undisclosed requests may cause the BD proces...

CVSS 7.5 | AI score 5.8 | EPSS 0.0093
Exploits: 0 | References: 3

Veracode
added 2021/08/22 10:53 p.m., 5 views

Denial Of Service

eap7-undertow is vulnerable to denial of service. The vulnerability exists because a buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion...

CVSS 7.5 | AI score 6.6 | EPSS 0.01326
Exploits: 1 | References: 8 | Affected Software: 23

CNNVD
added 2021/08/19 12:0 a.m., 6 views

Red Hat JBoss Enterprise Application Platform Resource Management Error Vulnerability

Red Hat JBoss Enterprise Application Platform (EAP) is an open source, J2EE-based middleware platform from the US company Red Hat. The platform is primarily used to build, deploy and host Java applications and services. A security vulnerability exists in Red Hat JBoss Enterpris...

CVSS 7.5 | AI score 6.9 | EPSS 0.01326
Exploits: 1 | References: 22

RedHat Linux
added 2021/08/18 6:21 p.m., 2 views

undertow: buffer leak on incoming websocket PONG message may lead to DoS

A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability...

CVSS 7.5 | AI score 7.2 | EPSS 0.01326
Exploits: 1 | References: 4

RedHat Linux
added 2021/08/18 6:14 p.m., 8 views

undertow: buffer leak on incoming websocket PONG message may lead to DoS

A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability...

CVSS 7.5 | AI score 7.2 | EPSS 0.01326
Exploits: 1 | References: 4

RedHat Linux
added 2021/08/18 6:8 p.m., 59 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.5 | AI score 6.8 | EPSS 0.01326
Exploits: 1 | References: 5