8 matches found
CVE-2025-56352
CVE-2025-56352 affects the tinyMQTT broker. When processing a CONNECT packet with a zero-length Client ID and CleanSession=0, the broker returns CONNACK 0x02 (Identifier Rejected) but fails to explicitly close the TCP connection, leaving the socket open. Repeated invalid CONNECT attempts can exha...
CVE-2023-54260 cifs: Fix lost destroy smbd connection when MR allocate failed
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...
jetty: stop accepting new connections from valid clients
A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file...
CVE-2024-22201
A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file...
CVE-2024-22201 Jetty connection leaking on idle timeout when TCP congested
Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to st...
GSD-2022-1000828 net/smc: fix connection leak
net/smc: fix connection leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.104 by commit 2e8d465b83db307f04ad265848f8ab3f78f6918f, it wa...
openSUSE Security Update : ceph (openSUSE-2020-187)
This update for ceph fixes the following issues : - CVE-2020-1700: Fixed a denial of service against the RGW server via connection leakage bsc1161312. - CVE-2020-1699: Fixed a information disclosure by improper URL checking bsc1161074. This update was imported from the SUSE:SLE-15-SP1:Update upda...
Microsoft ISA Server SOCKS4 Proxy Connection Leakage Vulnerability
This vulnerability allows remote attackers to extract IP addresses visited through the SOCKS4 Proxy on vulnerable ISA Server installations. Authentication is not required to exploit this vulnerability. This specific flaw exists when an empty packet is sent to the SOCKS4. The server will return a...