Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2026/06/19 8:46 p.m.6 views

CoreWCF: Pre-authentication infinite-loop CPU exhaustion in CoreWCF net.tcp / net.pipe / net.uds framing handshake

Impact An unauthenticated remote attacker can pin one server thread‑pool worker at 100 % CPU per connection. With a few connections, the CPU usage can be exhausted. Preconditions An attacker being able to reach a service which is exposing an endpoint using one of NetTcpBinding, NetNamedPipeBindin...

7.5CVSS5.9AI score0.00476EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2021/07/27 5:32 a.m.26 views

CVE-2021-35472

An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users...

8.8CVSS8.9AI score0.01679EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2020/02/12 4:40 p.m.42 views

CVE-2020-7046

lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop...

7.8CVSS7.6AI score0.51264EPSS
Exploits0
Citrix
Citrix
added 2016/12/06 12:0 a.m.9 views

XenMobile Apps in authentication loop or crashing when returning to Secure Hub to do authentication

Secure Hub and apps for example Secure Mail end up in an authentication loop with Secure Hub showing the error message "Verify your credentials and try again", with the following options "Sign On" or "Quit". Sign On would bring you back to Secure Hub and start the loop all over again...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.41 views

Oracle Solaris Third-Party Patch Update : vino (cve_2013_5745_input_validation)

The remote Solaris system is missing necessary patches to address security updates : - The vinoserverclientdatapending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the...

7.1CVSS5.5AI score0.0872EPSS
Exploits5References3
Rows per page
Query Builder