478 matches found

Tenable Nessus
added 2021/04/22 12:0 a.m., 48 views

Wireshark 3.2.x < 3.2.13 A Vulnerability

The version of Wireshark installed on the remote Windows host is prior to 3.2.13. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.2.13 advisory. - Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of servi...

CVSS 6.5, AI score 6.8, EPSS 0.02023
Exploits 1, References 4
Tenable Nessus
added 2021/04/22 12:0 a.m., 51 views

Wireshark 3.4.x < 3.4.5 A Vulnerability

The version of Wireshark installed on the remote Windows host is prior to 3.4.5. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.4.5 advisory. - Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service...

CVSS 6.5, AI score 6.8, EPSS 0.02023
Exploits 1, References 4
Tenable Nessus
added 2021/04/22 12:0 a.m., 38 views

Wireshark 3.4.x < 3.4.5 A Vulnerability (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.5. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.4.5 advisory. - Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial o...

CVSS 6.5, AI score 6.8, EPSS 0.02023
Exploits 1, References 4
Veracode
added 2021/03/23 6:36 a.m., 36 views

Regular Expression Denial Of Service (ReDos)

xstream is vulnerable to regular expression denial of service. A remote attacker is able to occupy a thread that consumes excessive CPU resources for long period of time...

CVSS 7.5, AI score 3.9, EPSS 0.13832
Exploits 0, References 21, Affected Software 5
NVD
added 2021/03/19 8:15 p.m., 21 views

CVE-2019-10196

A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an...

CVSS 9.8, EPSS 0.01392
Exploits 0, References 2
Prion
added 2021/03/19 8:15 p.m., 28 views

Design/Logic Flaw

A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an...

CVSS 9, AI score 9.1, EPSS 0.01392
Exploits 0, References 2, Affected Software 3
Cvelist
added 2021/03/19 7:22 p.m., 28 views

CVE-2019-10196

A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an...

AI score 9.3, EPSS 0.01392
Exploits 0, References 2
RedhatCVE
added 2021/03/18 6:25 p.m., 47 views

CVE-2021-27291

A denial of service attack was discovered against pygments. Some of the regular expressions used to tokenise source code for highlighting have exponential complexity. A specially crafted input file could cause pygments to take effectively infinite time to parse, consuming CPU resources and denyin...

CVSS 7.5, AI score 3.6, EPSS 0.03832
Exploits 1, References 3
Tenable Nessus
added 2021/03/10 12:0 a.m., 45 views

NewStart CGSL MAIN 6.02 : expat Multiple Vulnerabilities (NS-SA-2021-0083)

The remote NewStart CGSL host, running version MAIN 6.02, has expat packages installed that are affected by multiple vulnerabilities: - In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and...

CVSS 7.8, AI score 7.6, EPSS 0.07107
Exploits 2, References 3
IBM Security Bulletins
added 2021/03/03 4:2 p.m., 46 views

Security Bulletin: IBM MQ Appliance is affected by libexpat vulnerabilities (CVE-2018-20843, CVE-2019-15903)

Summary IBM MQ Appliance has resolved libexpat vulnerabilities. Vulnerability Details CVEID: CVE-2018-20843 DESCRIPTION: libexpat is vulnerable to a denial of service, caused by an error in the XML parser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit th...

CVSS 7.8, AI score 1.8, EPSS 0.07107
Exploits 2, Affected Software 1
Tenable Nessus
added 2021/02/04 12:0 a.m., 57 views

Wireshark 3.4.x < 3.4.3 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 3.4.3. It is, therefore, affected by vulnerabilities as referenced in the wireshark-3.4.3 advisory. - The USB HID dissector could leak memory. It may be possible to make Wireshark consume excessive CPU resources by injectin...

CVSS 7.5, AI score 7.1, EPSS 0.02747
Exploits 2, References 5
Tenable Nessus
added 2021/01/06 12:0 a.m., 260 views

IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.17 / 9.0.0.0 < 9.0.5.1 Multiple Vulnerabilities (964768)

The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities as follows: - In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while...

CVSS 7.8, AI score 6.3, EPSS 0.81466
Exploits 6, References 4
IBM Security Bulletins
added 2020/12/22 5:41 p.m., 26 views

Security Bulletin: Potential Denial of Service security vulnerability in Rational Synergy (CVE-2011-4461)

Summary Potential Denial of Service DoS security vulnerability in IBM Rational Synergy due to a Java HashTable security vulnerability in Jetty CVE-2011-4461. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for mo...

CVSS 5.3, AI score 0.4, EPSS 0.05044
Exploits 1, Affected Software 1
ArchLinux
added 2020/12/09 12:0 a.m., 79 views

[ASA-202012-19] gdk-pixbuf2: denial of service

Arch Linux Security Advisory ASA-202012-19 ========================================== Severity: Medium Date : 2020-12-09 CVE-ID : CVE-2020-29385 Package : gdk-pixbuf2 Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-1328 Summary ======= The package gdk-pixbuf2 before...

CVSS 5.5, AI score 1.5, EPSS 0.01477
Exploits 0, References 7
ArchLinux
added 2020/12/09 12:0 a.m., 82 views

[ASA-202012-20] lib32-gdk-pixbuf2: denial of service

Arch Linux Security Advisory ASA-202012-20 ========================================== Severity: Medium Date : 2020-12-09 CVE-ID : CVE-2020-29385 Package : lib32-gdk-pixbuf2 Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-1329 Summary ======= The package...

CVSS 5.5, AI score 1.5, EPSS 0.01477
Exploits 0, References 7
Veracode
added 2020/12/04 4:37 p.m., 30 views

Denial Of Service (DoS)

wireshark is vulnerable to denial of service. It is possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file...

CVSS 7.5, AI score 3, EPSS 0.02041
Exploits 1, References 9, Affected Software 1
Tenable Nessus
added 2020/11/12 12:0 a.m., 53 views

Oracle Linux 8 : expat (ELSA-2020-4484)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4484 advisory. 2.2.5-4 - add security fixes for CVE-2018-20843, CVE-2019-15903 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 7.8, AI score 7.4, EPSS 0.07107
Exploits 2, References 3
IBM Security Bulletins
added 2020/11/10 6:20 p.m., 46 views

Security Bulletin: A vulnerability in SSL implementation affects IBM SPSS Statistics Server

Summary Client initiated Renegotiation could lead to weak encrypted communication, therefore client initiated renegotiation should be disabled. Vulnerability Details CVEID: CVE-2011-1473 DESCRIPTION: Multiple implementations of the Transport Layer Security TLS protocol, including SSL, are...

CVSS 5, AI score 1.4, EPSS 0.67703
Exploits 1, Affected Software 1
IBM Security Bulletins
added 2020/08/04 6:49 p.m., 48 views

Security Bulletin: CVE-2009-2625 CVE-2012-0881 CVE-2013-4002 CVE-2014-0107 Multiple Xml handling Issues in xerces and xalan

Summary CVE-2009-2625 CVE-2012-0881 CVE-2013-4002 CVE-2014-0107 Multiple Xml handling Issues in xerces and xalan Vulnerability Details CVEID: CVE-2009-2625 DESCRIPTION: Sun Java Runtime Environment JRE is vulnerable to a denial of service, caused by an error in Apache Xerces2 Java. A remote...

CVSS 7.8, AI score 1.1, EPSS 0.3038
Exploits 4, Affected Software 1
IBM Security Bulletins
added 2020/07/29 7:36 a.m., 60 views

Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM App Connect Enterprise V11

Summary IBM App Connect Enterprise V11 ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2020-11080 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an error in the HTTP/...

CVSS 9.3, AI score 1.4, EPSS 0.07646
Exploits 1, Affected Software 1