15 matches found
CVE-2026-10142
A flaw was found in kafka-python. A malicious broker or a machine-in-the-middle attacker can exploit a denial-of-service vulnerability in the protocol parser. By sending a specially crafted 4-byte frame length value without proper bounds validation, an attacker can trigger excessive memory...
EUVD-2026-36123
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation. Attackers can send a...
CVE-2026-10142
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation. Attackers can send a...
EUVD-2018-0581
Malware in sbrugna...
EUVD-2022-7073
Malicious code in bioql PyPI...
EUVD-2022-6718
Malicious code in bioql PyPI...
BIT-GOLANG-2022-27664
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error...
RHCOS 4 : OpenShift Container Platform 4.12.30 (RHSA-2023:4674)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4674 advisory. - golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 Note that Nessus has not tested for this issue but has instead...
golang: net/http: handle server errors after sending GOAWAY
A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown...
golang: net/http: handle server errors after sending GOAWAY
A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown...
Medium: golang
Issue Overview: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 Affected Packages: golang Note: This advisory is applicable to Amazon...
Microsoft IIS/5 bogus Content-length bug.
Let's say that it's a bug, not a security flaw, but probably can lead into denial of service with some tweaking. When you send a bad request to Microsoft IIS/5.0 server it gives you the error and closes the connection, like when you fail to authenticate. Well... let's take a look to a normal...
CVE-2001-0107
Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang...
Veritas BackupExec (remote DoS)
Hello, I am using Backup system from Veritas Software http://www.veritas.com/ and its Linux agent. That agent is listening TCP-socket 8192 in my system and if someone makes connection to that socket, but do not send anything to it, the agent hangs forever, even if you close that connection. For...
Possible DoS against inetd in Solaris
Hi, I stumbled upon something that looks like a bug in inetd on Solaris. If a Solaris box is portscaned by nmap with -T Insane option very quick scan daemons that are started by inetd stop responding. That is you can connect to them, connection get accepted, by they don't display any banner or...