CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

94 matches found

Veracode•added 2020/07/15 8:18 a.m.•58 views

Denial Of Service (DoS)

apache tomcat is vulnerable to denial of service. An infinite loop to occurs when invalid payload lengths are parsed. An attacker is able to cause a denial of service condition in the application via malicious WebSocket frames with invalid payload lengths...

7.5CVSS3.8AI score0.92155EPSS

Exploits1References22Affected Software74

Ubuntu•added 2020/07/01 11:44 p.m.•73 views

USN-4407-1: LibVNCServer vulnerabilities

It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. CVE-2019-15680 It was discovered that an information disclosure vulnerability existed in LibVNCServer when sendin...

9.8CVSS7.5AI score0.0937EPSS

Exploits1

OSV•added 2020/06/30 11:15 a.m.•1 views

DEBIAN-CVE-2017-18922

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow...

9.8CVSS8.8AI score0.06869EPSS

Exploits0References1

NVD•added 2020/06/30 11:15 a.m.•23 views

CVE-2017-18922

9.8CVSS0.06869EPSS

Exploits0References13

OSV•added 2020/06/30 11:15 a.m.•26 views

CVE-2017-18922

9.8CVSS6.5AI score0.06869EPSS

Exploits0References13

UbuntuCve•added 2020/06/30 11:15 a.m.•32 views

CVE-2017-18922

9.8CVSS7.5AI score0.06869EPSS

Exploits0References3

OSV•added 2020/06/30 11:15 a.m.•1 views

UBUNTU-CVE-2017-18922

9.8CVSS7.7AI score0.06869EPSS

Exploits0References4

CVE•added 2020/06/30 11:0 a.m.•262 views

CVE-2017-18922

CVE-2017-18922 : LibVNCServer’s websockets.c (prior to 0.9.12) is affected; multiple advisories report that malformed WebSocket frames can trigger a heap-based buffer overflow. The connected Nessus entries confirm affected packages across various distros (e.g., MiracleLinux, Alibaba Cloud Linux, ...

9.8CVSS9.2AI score0.06869EPSS

Exploits0References13Affected Software1

Debian CVE•added 2020/06/30 11:0 a.m.•29 views

CVE-2017-18922

9.8CVSS9.5AI score0.06869EPSS

Exploits0

Veracode•added 2019/09/06 5:22 a.m.•23 views

Denial Of Service (DoS)

github.com/gorilla/websocket is vulnerable to denial of service DoS. An integer overflow in conn.go when parsing WebSocket frames allows a remote attacker to cause the server to consume excessive amount of memory, resulting in an application crash when the server runs out of memory...

7.5CVSS6.1AI score0.00177EPSS

Exploits0References6Affected Software3

RedHat Linux•added 2015/05/14 3:14 p.m.•2 views

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...

5CVSS7.2AI score0.04075EPSS

Exploits0References4

RedHat Linux•added 2015/03/31 5:0 p.m.•1 views

netty: DoS via memory exhaustion during data aggregation

5CVSS7.2AI score0.04075EPSS

Exploits0References4

RedHat Linux•added 2015/03/11 4:51 p.m.•3 views

netty: DoS via memory exhaustion during data aggregation

5CVSS7.2AI score0.04075EPSS

Exploits0References4

Positive Technologies•added 2014/05/06 12:0 a.m.•4 views

PT-2014-3528 · Netty · Netty

Name of the Vulnerable Software and Affected Versions: Netty versions 3.6.x through 3.6.8 Netty versions 3.7.x through 3.7.0 Netty versions 3.8.x through 3.8.1 Netty versions 3.9.x through 3.9.0 Netty versions 4.0.x through 4.0.18 Description: The issue allows remote attackers to cause a denial o...

9.1CVSS7.1AI score0.17932EPSS

Exploits5References44

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by