Lucene search
K

240 matches found

Veracode
Veracode
added 2021/08/22 10:53 p.m.6 views

Denial Of Service

eap7-undertow is vulnerable to denial of service. The vulnerability exists due to a buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion...

7.5CVSS6.6AI score0.01375EPSS
Exploits1References8Affected Software23
CNNVD
CNNVD
added 2021/08/19 12:0 a.m.7 views

Red Hat JBoss Enterprise Application Platform资源管理错误漏洞

Red Hat JBoss Enterprise Application Platform EAP is the United States Red Hat Red Hat company's set of open source , J2EE-based middleware platform. The platform is primarily used to build, deploy and host Java applications and services. A security vulnerability exists in Red Hat JBoss Enterpris...

7.5CVSS6.9AI score0.01375EPSS
Exploits1References22
RedHat Linux
RedHat Linux
added 2021/08/18 6:14 p.m.9 views

undertow: buffer leak on incoming websocket PONG message may lead to DoS

A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability...

7.5CVSS7.2AI score0.01375EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/08/18 6:5 p.m.5 views

undertow: buffer leak on incoming websocket PONG message may lead to DoS

A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability...

7.5CVSS7.2AI score0.01375EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/08/18 12:0 a.m.49 views

RHEL 7 / 8 : Red Hat JBoss Enterprise Application Platform 7.4 (RHSA-2021:3219)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3219 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous...

7.5CVSS6.9AI score0.01375EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2021/08/09 1:56 a.m.139 views

CVE-2021-3690

A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability...

7.5CVSS2.7AI score0.01375EPSS
Exploits1References3
Veracode
Veracode
added 2020/08/06 9:33 p.m.23 views

Information Disclosure

coturn is vulnerable to information disclosure. The STUN/TURN response buffer is not initialized properly and causes a leak of information between different client connections. An attacker is able to use their connection to intelligently query coturn to get interesting bytes in the padding bytes...

7.5CVSS2.8AI score0.01898EPSS
Exploits0References11Affected Software1
CNVD
CNVD
added 2020/04/08 12:0 a.m.2 views

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-33717)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile device buffer overflow vulnerability can be exploited by an attacker to read data outside the rkp log buffer, resulting in an information leak...

7.5CVSS7AI score0.00413EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/01/29 12:0 a.m.8 views

The vulnerability of Intel processors lies in a leak in the store buffer for results of read operations from vector registers, which allows an attacker to disclose protected information.

The vulnerability of Intel processors is related to a buffer overflow issue in the store buffer, which handles results of read operations from vector registers. Exploiting this vulnerability can allow an attacker to disclose protected information...

4CVSS6.7AI score0.00521EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.5 views

The vulnerability of the i5100_init_one handler in Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the i5100initone implementation drivers/edac/i5100edac.ko in the Linux kernel is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure by disabling ADDI-DATA GmbH communication cards with the identifier PCIDEVICEIDINTEL510019...

6.2CVSS5.8AI score
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2019/05/08 12:12 p.m.8 views

undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer

An information leak vulnerability was found in Undertow. If all headers are not written out in the first write call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests...

5.3CVSS6AI score0.02114EPSS
Exploits0References4
Fortinet
Fortinet
added 2018/11/22 12:0 a.m.34 views

Uninitialized memory buffer leak in FortiOS explicit web proxy

An uninitialized memory buffer leak exists in FortiOS web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response...

5CVSS0.3AI score0.02119EPSS
Exploits1Affected Software1
Prion
Prion
added 2018/04/19 8:29 p.m.19 views

Design/Logic Flaw

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IP...

6.1CVSS7.4AI score0.00856EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/04/19 8:29 p.m.4 views

CVE-2018-0241

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IP...

7.4CVSS6.1AI score0.00856EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/04/19 8:0 p.m.22 views

CVE-2018-0241

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IP...

7.5AI score0.00856EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/04/19 8:0 p.m.7 views

CVE-2018-0241

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IP...

7.2AI score0.00856EPSS
Exploits0References3
Cisco
Cisco
added 2018/04/18 4:0 p.m.76 views

Cisco IOS XR Software UDP Broadcast Forwarding Denial of Service Vulnerability

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IP...

7.4CVSS1.9AI score0.00856EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/04/11 7:29 p.m.4 views

Junos OS: Mbuf leak due to processing MPLS packets in VPLS network.

A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the number...

7.8CVSS5.5AI score0.02337EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2017/01/04 12:0 a.m.4 views

UBUNTU-CVE-2016-10011

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process...

6.2CVSS6.9AI score0.01101EPSS
Exploits1References5
securityvulns
securityvulns
added 2001/11/13 12:0 a.m.60 views

Проблемы со службой RunAs в Windows 2000 (privelege escalation)

Атакующий может подменить именованый канал службы чтобы перехватить логин и пароль пользователя. Кроме того, после выполнения приложения не производится очистка буфера памяти, что позволяет получить доступ к конфеденциальным данным. Имеется возможность DoS...

1.6AI score
Exploits0References3
Rows per page
Query Builder