Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2022/02/11 12:0 a.m.3 views

GHSA-GPGX-WHWH-R297 Duplicate advisory: swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pgfx-g6rc-8cjv. This link is maintained to preserve external references. Original Description A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC o...

7.5CVSS7.4AI score0.00432EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2022/02/09 11:15 p.m.4 views

CVE-2022-24668

A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error after frame parsing but before frame handlin...

7.5CVSS7.2AI score0.00432EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessusadded 2021/03/26 12:0 a.m.65 views

SUSE SLES12 Security Update : nghttp2 (SUSE-SU-2021:0932-1) (Data Dribble) (Resource Loop)

This update for nghttp2 fixes the following issues : Security issues fixed : CVE-2020-11080: HTTP/2 Large Settings Frame DoS bsc1181358. CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service bsc1146184. CVE-2019-9511: Fixed...

7.8CVSS6.8AI score0.13725EPSS
Exploits0References22
RedhatCVE
RedhatCVEadded 2019/10/25 6:31 a.m.36 views

CVE-2018-1000168

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

7.5CVSS6.1AI score0.03388EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2018/04/16 12:0 a.m.40 views

FreeBSD : nghttp2 -- Denial of service due to NULL pointer dereference (1fccb25e-8451-438c-a2b9-6a021e4d7a31)

nghttp2 blog : If ALTSVC frame is received by libnghttp2 and it is larger than it can accept, the pointer field which points to ALTSVC frame payload is left NULL. Later libnghttp2 attempts to access another field through the pointer, and gets segmentation fault. ALTSVC frame is defined by RFC 783...

7.5CVSS7.3AI score0.03388EPSS
Exploits0References3
OpenVAS
OpenVASadded 2018/04/16 12:0 a.m.29 views

nghttp2 < 1.31.1 DoS Vulnerability

nghttpd2 is prone to a denial of service DoS vulnerability due to a NULL pointer deference. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

7.5CVSS7.6AI score0.03388EPSS
Exploits0References1
FreeBSD
FreeBSDadded 2018/04/04 12:0 a.m.41 views

nghttp2 -- Denial of service due to NULL pointer dereference

nghttp2 blog: If ALTSVC frame is received by libnghttp2 and it is larger than it can accept, the pointer field which points to ALTSVC frame payload is left NULL. Later libnghttp2 attempts to access another field through the pointer, and gets segmentation fault. ALTSVC frame is defined by RFC 7838...

7.5CVSS2AI score0.03388EPSS
Exploits0References1
Rows per page
Query Builder