Lucene search
+L

218 matches found

Oracle linux
Oracle linux
added 2024/02/28 12:0 a.m.66 views

unbound security update

1.16.2-5.2 - bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 - bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources CVE-2023-50868...

7.5CVSS7.3AI score0.99995EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/02/26 8:46 a.m.53 views

Important: Red Hat Security Advisory: unbound security update

An update for unbound is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7AI score0.99995EPSS
Exploits1References3
NVD
NVD
added 2024/02/14 5:15 p.m.27 views

CVE-2024-23979

When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are n...

7.5CVSS7.7AI score0.00342EPSS
Exploits0References1
Prion
Prion
added 2024/02/14 5:15 p.m.23 views

Authentication flaw

When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are n...

5CVSS7.3AI score0.00342EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/14 4:30 p.m.31 views

CVE-2024-23979 BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability

When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are n...

7.5CVSS7.8AI score0.00342EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2024/02/14 1:29 p.m.35 views

K000134516: BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability CVE-2024-23979

Security Advisory Description When an SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. CVE-2024-23979 Impact System performance can...

7.5CVSS7.6AI score0.00342EPSS
Exploits0Affected Software12
Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.18 views

F5 Networks BIG-IP : BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability (K000134516)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000134516 advisory. - When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication...

7.5CVSS7.4AI score0.00342EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/24 12:0 a.m.3 views

CVE-2023-51890

An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume CPU resources via crafted string in the application URL...

7.2AI score0.00856EPSS
Exploits1References1
OSV
OSV
added 2023/10/24 2:0 a.m.73 views

GHSA-3PX7-JM2P-6H2C encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs

Impact The length of URIs and the various parts eg path segments, query parameters is usually limited by the webserver processing the incoming request. In the case of Puma the defaults are : - path segment length: 8192 - Max URI length: 1024 12 - Max query length: 1024 10 See...

7.5CVSS7.3AI score0.01112EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.33 views

SUSE SLES15: ruby2.5-rubygem-rails-html-sanitizer / etc (SUSE-SU-2023:3714-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3714-1 advisory. - CVE-2022-23517: Fixed inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize...

7.5CVSS6.7AI score0.01454EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2023/09/14 12:0 a.m.33 views

Debian dla-3565 : ruby-loofah - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3565 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3565-1 [email protected]...

7.5CVSS6.6AI score0.01686EPSS
Exploits0References8
Citrix
Citrix
added 2023/08/02 12:0 a.m.9 views

How To Troubleshoot High Packet or Management CPU Issue on Citrix ADC

CPU is a finite resource. Like many resources, there are limits to a CPU's capacity. The NetScaler appliance has two kinds of CPUs in general: The Management CPU and Packet CPU...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/30 12:0 a.m.38 views

SUSE SLES15 / openSUSE 15 Security Update : rubygem-loofah (SUSE-SU-2023:1657-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1657-1 advisory. - Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofa...

7.5CVSS6.5AI score0.01686EPSS
Exploits0References10
F5 Networks
F5 Networks
added 2023/02/21 6:33 p.m.48 views

K71103363: BIG-IP big3d vulnerability CVE-2022-29480

Security Advisory Description When multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. CVE-2022-29480 Impact This vulnerability allows a remote, unauthenticated attacker to cause a degradation of service that can lead to a...

5.3CVSS5.4AI score0.00854EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
added 2023/02/21 6:13 p.m.40 views

K53442005: BIG-IP VE vulnerability CVE-2022-23030

Security Advisory Description When the BIG-IP Virtual Edition VE uses the ixlv driver which is used in SR-IOV mode and requires Intel X710/XL710/XXV710 family of network adapters on the Hypervisor and TCP Segmentation Offload configuration is enabled, undisclosed requests may cause an increase in...

5.3CVSS5.3AI score0.00889EPSS
Exploits0Affected Software13
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.4 views

SUSE CVE-2019-9721

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

4.3CVSS6.7AI score0.01423EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:48 a.m.14 views

SUSE CVE-2021-3679

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...

5.5CVSS6.3AI score0.00734EPSS
Exploits0References33
Prion
Prion
added 2023/02/01 6:15 p.m.21 views

Authentication flaw

In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software...

5CVSS7.6AI score0.00663EPSS
Exploits0References1Affected Software12
CVE
CVE
added 2023/02/01 5:53 p.m.67 views

CVE-2023-22323

CVE-2023-22323 affects F5 BIG-IP BIG-IP SSL OCSP Authentication profile when configured on a virtual server. The issue arises in BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all 13.1.x, where undisclosed OCSP requests can caus...

7.5CVSS7.7AI score0.00663EPSS
Exploits0References1Affected Software12
Cvelist
Cvelist
added 2023/02/01 5:53 p.m.41 views

CVE-2023-22323 BIG-IP SSL OCSP Authentication profile vulnerability

In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software...

7.5CVSS7.8AI score0.00663EPSS
Exploits0References1
Rows per page
Query Builder