30 matches found
CVE-2026-52866
An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection...
CVE-2026-52866 Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT Missing Authorization
An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection...
CVE-2026-52866
An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection...
CVE-2026-52866
The CVE-2026-52866 entry concerns the Apollo Pharmacy Blood Glucose Monitoring System APG-01 with BT lacking authorization in BLE. The connected docs provide concrete details: an attacker in BLE range can monopolize the device’s only available BLE connection slot, blocking legitimate users/applic...
PT-2026-50822
Name of the Vulnerable Software and Affected Versions Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT affected versions not specified Description An attacker within Bluetooth Low Energy BLE communication range can monopolize the only available BLE connection slot of the device. This...
CVE-2026-40719
Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved...
EUVD-2008-0145
Malware in sbrugna...
EUVD-2014-6085
Malware in sbrugna...
EUVD-2006-1210
Malware in sbrugna...
EUVD-2004-2757
Malware in sbrugna...
Ubuntu 20.04 LTS / 22.04 LTS : lighttpd vulnerabilities (USN-5903-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5903-1 advisory. It was discovered that lighttpd incorrectly handled certain inputs, which could result in a stack buffer overflow. A remote attacker could...
GLSA-202210-12 : Lighttpd: Denial of Service
The remote host is affected by the vulnerability described in GLSA-202210-12 Lighttpd: Denial of Service - In lighttpd 1.4.65, modwstunnel does not initialize a handler function pointer if an invalid HTTP request websocket handshake is received. It leads to null pointer dereference which crashes...
Denial Of Service (DoS)
lighttpd is vulnerable to denial of service. The vulnerability exists in gwbackend.c where there is a resource leak which will lead to a connection slot exhaustion after a large amount of anomalous TCP behavior causing an application crash...
Design/Logic Flaw
A resource leak in gwbackend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service connection-slot exhaustion after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of modfastcgi is, for example,...
CVE-2022-41556
A resource leak in gwbackend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service connection-slot exhaustion after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of modfastcgi is, for example,...
CVE-2022-41556
CVE-2022-41556 affects lighttpd 1.4.56–1.4.66, describing a resource leak in gw_backend.c that can cause denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior, related to RDHUP mishandling in certain HTTP/1.1 chunked scenarios (mod_fastcgi also affected). T...
CVE-2022-41556
A resource leak in gwbackend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service connection-slot exhaustion after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of modfastcgi is, for example,...
CVE-2008-4109
A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service connection sl...
openssh: Prevent connection slot exhaustion attacks
The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service connection-slot exhaustion by periodically making many new TCP connections...
Directory traversal
Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SOKEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service connection slot exhaustion via multiple connections, aka Bug Id 6782659...