19 matches found
CVE-2026-34045
Podman Desktop is a graphical tool for developing on containers and Kubernetes. Prior to 1.26.2, an unauthenticated HTTP server exposed by Podman Desktop allows any network attacker to remotely trigger denial-of-service conditions and extract sensitive information. By abusing missing connection...
CVE-2026-20082
The CVE-2026-20082 entry describes a vulnerability in Cisco Secure Firewall ASA software related to embryonic TCP connection handling under SYN flood conditions. An unauthenticated remote attacker can send crafted traffic to the device, causing incorrect dropping of incoming TCP SYNs destined to ...
PT-2026-7421
Name of the Vulnerable Software and Affected Versions: Connections (affected versions not specified). Description: The system may not accurately count connections received through the proxy port, specifically when a proxy protocol header is present. This can lead to the server exceeding its connection...
PT-2026-3817
ProFTPD 1.3.7a contains a denial of service vulnerability that allows attackers to overwhelm the server by creating multiple simultaneous FTP connections. Attackers can repeatedly establish connections using threading to exhaust server connection limits and block legitimate user access...
EUVD-2020-29511
Malware in sbrugna...
PT-2025-33536
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw in ksmbd where repeated connections from clients using the same IP address can exhaust connection limits, potentially preventing legitimate client...
CVE-2025-26819
CVE-2025-26819 affects Monero up to version 0.18.3.4, where the HTTP server did not enforce response limits on connections. The public description states the issue exists before the commit ec74ff4. The linked reference points to that commit as the fix. The attack surface is the HTTP server of Mon...
wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections...
CVE-2024-30390 Junos OS Evolved: Connection limits is not being enforced while the resp. rate limit is being enforced
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service (DoS) to the management plane. When an incoming connection was blocked because it exceeded the...
USN-5719-1 openjdk-8, openjdk-lts, openjdk-17, openjdk-19 vulnerabilities
It was discovered that OpenJDK incorrectly handled long client hostnames. An attacker could possibly use this issue to cause the corruption of sensitive information. (CVE-2022-21619) It was discovered that OpenJDK incorrectly randomized DNS port numbers. A remote attacker could possibly use this...
glFTPd Security Vulnerability
glFTPd is a free FTP server for UNIX based systems from Team glFTPd. A security vulnerability exists in glFTPd version 2.11a. A remote attacker could exploit this vulnerability to cause a denial of service by exceeding connection limits...
GHSA-XHV5-W9C5-2R2W Unbounded connection acceptance in http4s-blaze-server
Impact: blaze-core, a library underlying http4s-blaze-server, accepts connections unboundedly on its selector pool. This has the net effect of amplifying degradation in services that are unable to handle their current request load, since incoming connections are still accepted and added to an...
CVE-2020-7219
HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3. Mitigation: Enforce network connection limits on Consul server agents by using the following iptables rule: iptables -A...
Slowness in Presenting Citrix Gateway/AAA Login page on Client Browsers
Sometimes Citrix Gateway login page takes a long time to be presented on the client’s browsers. When this issue occurs, you might observe any of the following conditions. The number of established connections to Apache counter has hit the default configured limit of 30 or a customized value, if...
ModSecurity v2.8.0 - Open Source Web Application Firewall
ModSecurity™ is an open source, free web application firewall (WAF) Apache module. With over 70% of all attacks now carried out over the web application level, organizations need all the help they can get in making their systems secure. Changelog v2.8.0. Bug fix: Build issue: Now using autotools to...
AST-2011-005: File Descriptor Resource Exhaustion
Asterisk Project Security Advisory - AST-2011-005. Product: Asterisk. Summary: File Descriptor Resource Exhaustion. Nature of Advisory: Denial of Service. Susceptibility: Remote Unauthenticated TCP Based Sessions (TCP SIP, Skinny, Asterisk Manager Interface, and HTTP sessions). Severity: Moderate. Exploits...
Free Web Chat Initial Release - Connection Saturation Denial of Service
source: https://www.securityfocus.com/bid/10863/info Free Web Chat server is reported prone to multiple denial of service vulnerabilities. The following issues are reported: The first denial of service vulnerability reported...
DoS against SphereServer/Ultima Online
There is no connection timeout before the username check, and no limit on the number of connections from a single IP...
ftpd.dos.pl
Who has more free file descriptors & network ports, you or the ftp server? ftpd's which limit connections to 1 per user@host or similar may have some defense against this, or if they don't support multiple data connections open at the same time. I suspect "many" is the number of ftpd's which are...