314 matches found
CVE-2023-38285
Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...
CVE-2023-38285
CVE-2023-38285 affects Trustwave ModSecurity 3.x prior to 3.0.10. The root cause is Inefficient Algorithmic Complexity in certain input handling, leading to potential denial of service with network-based exploitation. The CVSS indicates network attack vector, low attack complexity, and high avail...
ModSecurity 安全漏洞
ModSecurity is an intrusion detection and blocking engine that can be run as a module of the Apache Web Server or as a standalone application to enhance the security of Web applications and protect them from known and unknown attacks. A security vulnerability exists in Trustwave ModSecurity versi...
CVE-2023-2473
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be...
Design/Logic Flaw
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be...
CVE-2023-2473
CVE-2023-2473 affects Dreamer CMS versions up to 4.1.3. The vulnerability resides in the Password Hash Calculation component, specifically the updatePwd function in the UserController.java, causing inefficient algorithmic complexity. The issue can be exploited remotely, with upgrade recommended a...
CVE-2023-2473 Dreamer CMS Password Hash Calculation UserController.java updatePwd algorithmic complexity
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be...
CVE-2023-2473 Dreamer CMS Password Hash Calculation UserController.java updatePwd algorithmic complexity
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be...
SUSE CVE-2007-6523
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service CPU consumption via a crafted bitmap BMP file that triggers a large number of calculations and checks...
SUSE CVE-2012-2098
Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service CPU consumption via a file with many repeating inputs...
SUSE CVE-2013-4185
Algorithmic complexity vulnerability in OpenStack Compute Nova before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service nova-network consumption via a large number of...
SUSE CVE-2018-12558
The parse method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters "\f"...
SUSE CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...
Debian dla-3139 : knot-resolver - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3139 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3139-1 [email protected] https://www.debian.org/lts/security/...
NIC Knot Resolver Denial of Service Vulnerability
Knot Resolver is a cached DNS resolver implementation that includes a resolver library and daemon. A denial of service vulnerability exists in NIC Knot Resolver versions prior to 5.5.3. The vulnerability stems from not properly handling incoming error messages and can be exploited by a remote...
CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...
DEBIAN-CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...
CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...
UBUNTU-CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...
CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...