Lucene search
+L

223 matches found

OSV
OSV
added 2026/03/24 6:24 p.m.12 views

CVE-2026-33538 Parse Server: Denial of service via unindexed database query for unconfigured auth providers

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.58 and 9.6.0-alpha.52, an unauthenticated attacker can cause denial of service by sending authentication requests with arbitrary, unconfigured provider names. The server...

8.7CVSS5.8AI score0.00406EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/21 12:31 a.m.5 views

EUVD-2026-13855

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00427EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/21 12:31 a.m.9 views

EUVD-2026-13853

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00408EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 10:56 p.m.4 views

CVE-2026-31903

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00408EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 10:45 p.m.5 views

CVE-2026-31904

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00427EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.16 views

PT-2026-26697

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00408EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26698

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00427EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/07 7:31 p.m.7 views

CVE-2026-20882

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00437EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/07 1:44 a.m.5 views

CVE-2026-27778

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00601EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/06 6:31 p.m.12 views

EUVD-2026-10033

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00357EPSS
Exploits0References3
NVD
NVD
added 2026/03/06 4:16 p.m.8 views

CVE-2026-20882

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS0.00437EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/06 12:31 a.m.8 views

EUVD-2026-9943

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS6AI score0.00601EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.11 views

Mobiliti 安全漏洞

Mobiliti is an electric vehicle charging station system developed by the Hungarian company Mobiliti. Mobiliti has a security vulnerability, which stems from the lack of a limit on the number of authentication requests made through the WebSocket API. This vulnerability could lead to...

8.7CVSS5.8AI score0.00437EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.10 views

PT-2026-23713

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00357EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.12 views

Everon 安全漏洞

Everon is an electric vehicle charging station system developed by Everon Corporation. There is a security vulnerability in Everon’s system. This vulnerability stems from the lack of a limit on the number of authentication requests made through the WebSocket API, which can lead to denial-of-servi...

8.7CVSS5.8AI score0.00357EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.9 views

PT-2026-23712

Name of the Vulnerable Software and Affected Versions WebSocket Application Programming Interface affected versions not specified Description The WebSocket Application Programming Interface does not restrict the number of authentication requests. This lack of rate limiting could enable an attacke...

8.7CVSS5.8AI score0.00437EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/05 11:36 p.m.5 views

CVE-2026-27778

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS6AI score0.00601EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.12 views

PT-2026-23576

Name of the Vulnerable Software and Affected Versions WebSocket Application Programming Interface affected versions not specified Description The WebSocket Application Programming Interface does not restrict the number of authentication requests. This lack of rate limiting could enable attackers ...

8.7CVSS5.8AI score0.00601EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/02/28 1:55 a.m.8 views

CVE-2026-25113

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

9.8CVSS6AI score0.00465EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/28 1:55 a.m.5 views

CVE-2026-20792

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or misrouting legitimate charger telemetry, or conduct brute-force attacks to gain...

9.8CVSS6AI score0.00477EPSS
Exploits0References1
Rows per page
Query Builder