11 matches found
DEBIAN-CVE-2026-42577
Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...
CVE-2026-42577
Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...
Netty 安全漏洞
Netty is a non-blocking I/O client-server framework developed by the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty from 4.2.0.Final to 4.2.13.Final contain security vulnerabilities. These vulnerabilities ste...
Denial Of Service (DoS)
org.hibernate.reactive, hibernate-reactive-core is vulnerable to a Denial of Service DoS. The vulnerability is due to improper handling of prematurely closed HTTP connections during database operations, which allows an attacker to exhaust the database connection pool by forcing connection leaks...
📄 Lighttpd 1.4.66 FastCGI Resource Exhaustion
Proof of concept exploit for a resource exhaustion vulnerability that exists in lighttpd versions 1.4.56 through 1.4.66 affecting FastCGI and other gateway backends. When processing HTTP/1.1 requests using chunked transfer encoding with request-body streaming enabled, an anomalous client disconne...
📄 Lighttpd 1.4.66 Resource Leak Denial of Service
Lighttpd versions 1.4.56 through 1.4.66 has a resource exhaustion vulnerability affecting gateway backends such as FastCGI. When handling an HTTP/1.1 request with chunked transfer encoding and request-body streaming enabled, lighttpd mishandles an anomalous client disconnect RDHUP / half-closed T...
Lighttpd 1.4.56 - 1.4.66 Resource Leak Denial of Service PoC
Summary lighttpd pronounced /lighty/ is a secure, fast, compliant, and very flexible web server that has been optimized for high-performance environments. lighttpd uses memory and CPU efficiently and has lower resource use than other popular web servers. Its advanced feature-set FastCGI, CGI, Aut...
UBUNTU-CVE-2017-3144
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond...
DEBIAN-CVE-2016-0741
slapd/connection.c in 389 Directory Server formerly Fedora Directory Server 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service infinite loop and connection blocking by leveraging an abnormally closed connection...
UBUNTU-CVE-2016-0741
slapd/connection.c in 389 Directory Server formerly Fedora Directory Server 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service infinite loop and connection blocking by leveraging an abnormally closed connection...
389-ds-base: worker threads do not detect abnormally closed connections causing DoS
An infinite-loop vulnerability was discovered in the 389 directory server, where the server failed to correctly handle unexpectedly closed client connections. A remote attacker able to connect to the server could use this flaw to make the directory server consume an excessive amount of CPU and st...