netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

A flaw was found in Netty. A remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume...

RHEL 8 : python-pillow (RHSA-2021:4149)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4149 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

EulerOS Virtualization 3.0.6.6 : samba (EulerOS-SA-2020-2476)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC...

EulerOS 2.0 SP8 : samba (EulerOS-SA-2020-1826)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw...

CVE-2020-10745

A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this...

Denial Of Service (DoS)

httpd is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafte...

Denial Of Service (DoS)

Squid is vulnerable to Denial Of Service DoS. A flaw was found in the way Squid processed certain external ACL helper HTTP header fields that contained a delimiter that was not a comma. A remote attacker could issue a crafted request to the Squid server, causing excessive CPU use up to 100%...

PT-2019-2576 · Red Hat · 389-Ds-Base +1

Name of the Vulnerable Software and Affected Versions: 389-ds-base versions 1.4.0.x before 1.4.0.17 Red Hat Enterprise Linux 7.5 Description: The issue is related to excessive CPU consumption, which can lead to a denial of service. An attacker can provoke this condition, causing the system to...

openSUSE: Security Advisory for dropbear (openSUSE-SU-2016:1891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : dropbear (openSUSE-2016-912)

This update for dropbear fixes four security issues bnc990363 : - A format string injection vulnerability allowed remotes attacker to run arbitrary code as root if specific usernames including '%' symbols could be created on the target system. If a dbclient user can control usernames or host...

Security update for dropbear (critical)

This update for dropbear fixes four security issues bnc990363: - A format string injection vulnerability allowed remotes attacker to run arbitrary code as root if specific usernames including "%" symbols could be created on the target system. If a dbclient user can control usernames or host...

wireshark: X11 memory leak (wnpa-sec-2015-15)

A flaw was found in X11 dissector of wireshark of which an attacker could make wireshark consume excessive CPU resources which could make system unresponsive by injecting specially crafted packet onto the wire or by convincing wireshark user to read malformed packet trace file...

Oracle: Security Advisory (ELSA-2012-0069)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 19 : xen-4.2.4-2.fc19 (2014-2862)

32-bit fix for 'Guest triggerable AMD CPU erratum may cause host hang', xen-4.2.4 also fixes XSA-60, CVE-2013-2212 update to xen-4.2.4 use-after-free in xccpupoolgetinfo under memory pressure Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Scientific Linux Security Update : squid on SL5.x i386/x86_64

A flaw was found in the way Squid processed certain external ACL helper HTTP header fields that contained a delimiter that was not a comma. A remote attacker could issue a crafted request to the Squid server, causing excessive CPU use up to 100%. CVE-2009-2855 Note: The CVE-2009-2855 issue only...

389-ds-base security, bug fix, and enhancement update

1.2.10.2-15 - Resolves: Bug 824014 - DS Shuts down intermittently 1.2.10.2-14 - Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress -- patch 0015 fixes a small memleak in previous patch 1.2.10.2-13 - Resolves: Bug 822700 - Bad DNs in ACIs can segfault ns-slapd...

RedHat Update for mysql RHSA-2011:0164-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 6 : ImageMagick (RHSA-2012:0544)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0544 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was fou...

ruby security update

1.8.7.352-4 - Address CVE-2011-4815 'DoS excessive CPU use via hash meet-in-the-middle attacks oCERT-2011-003' ruby-1.8.7-p352-CVE-2011-4815.patch - Resolves: rhbz768831...

CentOS Update for finch CESA-2010:0115 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...