Lucene search
K

220 matches found

Vulnrichment
Vulnrichment
added 2025/02/10 10:2 p.m.49 views

CVE-2025-25193 Denial of Service attack on windows app using Netty

Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...

5.5CVSS5.6AI score0.00357EPSS
Exploits0References2
CVE
CVE
added 2025/02/10 10:2 p.m.390 views

CVE-2025-25193

CVE-2025-25193 affects Netty (versions up to and including 4.1.118.Final). The flaw arises from an unsafe reading of an environment file, which can cause a denial of service. On Windows, Netty loads a non-existent file; if an attacker creates a very large file, the Netty application can crash. Th...

5.5CVSS5.6AI score0.00357EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/02/10 10:2 p.m.22 views

CVE-2025-25193 Denial of Service attack on windows app using Netty

Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...

5.5CVSS0.00357EPSS
Exploits0References2
OSV
OSV
added 2025/02/10 10:2 p.m.23 views

CVE-2025-25193 Denial of Service attack on windows app using Netty

Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...

5.5CVSS6.6AI score0.00357EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/02/10 10:2 p.m.16 views

CVE-2025-25193

Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...

5.5CVSS6.5AI score0.00357EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/02/10 6:14 p.m.27 views

Denial of Service attack on windows app using Netty

Summary An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attemps to load a file that does not exist. If an attacker creates such a large file, the Netty application crash. Details A similar issue was previousl...

5.5CVSS5.4AI score0.00357EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2025/02/05 12:21 p.m.6 views

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes...

5.5CVSS7.3AI score0.00408EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/02/05 10:0 a.m.10 views

CVE-2024-3429

A path traversal vulnerability exists in the parisneo/lollms application, specifically within the sanitizepathfromendpoint and sanitizepath functions in lollmscore\lollms\security.py. This vulnerability allows for arbitrary file reading when the application is running on Windows. The issue arises...

9.8CVSS6.9AI score0.28317EPSS
Exploits1References1
Metasploit
Metasploit
added 2025/02/01 6:54 p.m.899 views

Argus Surveillance DVR 4.0.0.0 - Directory Traversal

This module leverages an unauthenticated arbitrary file read for the Argus Surveillance 4.0.0.0 system which never saw an update since. As this is a Windows related application we recommend looking for common Windows file locations, especially C:\ProgramData\PYSoftware\Argus Surveillance...

7.5CVSS7.3AI score0.97709EPSS
Exploits4
NVD
NVD
added 2024/11/12 4:15 p.m.18 views

CVE-2024-47535

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts ...

5.5CVSS0.00408EPSS
Exploits1References2
Apple
Apple
added 2024/10/03 12:0 a.m.68 views

About the security content of Apple Music 1.5.0.152 for Windows

About the security content of Apple Music 1.5.0.152 for Windows This document describes the security content of Apple Music 1.5.0.152 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...

5.5CVSS6.6AI score0.00205EPSS
Exploits0References1Affected Software1
Citrix
Citrix
added 2024/07/13 12:0 a.m.8 views

PVS SOAP Service Crashes After Running the Auto Update

Provisioning Services Simple Object Access Protocol service crashes after running the Auto Update. The Auto Update feature in Provisioning Services PVS allows a master target to receive an update and roll it out to the target devices. The completion is signaled to the Windows Application log by a...

7AI score
Exploits0
OSV
OSV
added 2024/07/10 9:15 p.m.1 views

CVE-2024-6286

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows...

7.8CVSS7.3AI score0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 1:32 p.m.26 views

CVE-2024-33865

An issue was discovered in linqi before 1.4.0.1 on Windows. There is an NTLM hash leak via the /api/Cdn/GetFile and /api/DocumentTemplate/GUID endpoints...

6.8AI score0.00659EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/26 12:0 a.m.6 views

PT-2024-21240 · Dell · Dell Grab For Windows

Name of the Vulnerable Software and Affected Versions: Dell Grab for Windows versions 5.0.4 and below Description: The issue is related to improper file permissions, which could be exploited by a locally authenticated attacker to disclose certain system information. A locally authenticated attack...

5.5CVSS6.6AI score0.00156EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.5 views

CDeX 安全漏洞

CDeX is a free software package from CDeX Inc. It is used to extract digital audio from audio CDs and convert audio formats for Microsoft Windows. A security vulnerability exists in CDeX 5.7.1 and earlier versions that stems from the presence of an open redirection vulnerability. An attacker can...

8CVSS6.3AI score0.00598EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.5 views

Number withdrawn

Sumatra PDF is a software application. PDF, ePub, MOBI, CHM, XPS, DjVu, CBZ, CBR readers for Windows. This CVE number has been withdrawn...

6.8AI score
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2023/10/27 12:0 a.m.5 views

The vulnerability of the Jorani employee leave management software lies in the incorrect restriction on the path to the restricted catalog. This allows a hacker to execute arbitrary code.

The vulnerability of the Jorani application for Windows is related to an incorrect limitation on the path to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.2AI score0.81918EPSS
Exploits5References4Affected Software1
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.6 views

Alexander Maier EisBaer Scada Path Traversal Vulnerability

Alexander Maier EisBaer Scada is a visual reality display and control program created on Windows operating systems by Alexander Maier of Germany. Alexander Maier EisBaer Scada suffers from a path traversal vulnerability that stems from an incorrect restriction on pathnames to restricted directori...

7.5CVSS6.8AI score0.00752EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/27 8:32 p.m.47 views

Security Bulletin: IBM i Access Client Solutions - Windows Application Package is vulnerable to a timing issue with RSA Decryption in GSKit builds prior to 8.0.55.31 (CVE-2023-32342)

Summary IBM GSKit is used by IBM i Access Client Solutions - Windows Application Package when making TLS connections to an IBM i partition. If an RSA cipher is used, IBM GSKit could allow a remote attacker to obtain sensitive information. Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IB...

7.5CVSS7.3AI score0.00925EPSS
Exploits0Affected Software1
Rows per page
Query Builder