Lucene search
K

75 matches found

Tenable Nessus
Tenable Nessus
added 2024/08/26 12:0 a.m.38 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.7 on RHEL 7 (RHSA-2024:5856)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5856 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS8.4AI score0.87806EPSS
Exploits17References47
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.44 views

RHEL 7 : skydive (RHSA-2019:2796)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2796 advisory. Skydive is an open source real-time network topology and protocols analyzer. Security Fixes: HTTP/2: flood using PING frames results in...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.33 views

Rocky Linux 8 : nodejs:10 (RLSA-2019:2925)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:2925 advisory. - In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service DoS...

7.8CVSS7.3AI score0.87806EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.39 views

Ubuntu 18.04 ESM : Netty vulnerabilities (USN-4866-1)

The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4866-1 advisory. It was discovered that Netty incorrectly implements HTTP/2. An attacker could possibly use this issue to cause a denial of service. CVE-2019-9512,...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References5
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.83 views

K50233772: HTTP/2 Settings Flood vulnerability CVE-2019-9515

Security Advisory Description Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty...

7.8CVSS8.1AI score0.87806EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-4866-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.9AI score0.87806EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 8:10 p.m.45 views

Security Bulletin: Netty vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-9514, CVE-2019-9512, CVE-2019-9518, CVE-2019-9515)

Summary Netty denial of service vulnerabilities affect IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVEID: CVE-2019-9514 DESCRIPTION: Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker...

7.8CVSS7.8AI score0.87806EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 7:59 p.m.49 views

Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518)

Summary Node.js denial of service vulnerabilities affect IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVE-ID: CVE-2019-9511 Description: Multiple vendors are vulnerable to a denial of service, caused by a Data Dribble attack. By sending a HTTP/2 request ...

7.8CVSS7.6AI score0.87806EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.38 views

Mageia: Security Advisory (MGASA-2020-0372)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.87806EPSS
Exploits4References10
OSV
OSV
added 2021/06/29 7:18 p.m.6 views

USN-4866-1 netty vulnerabilities

It was discovered that Netty incorrectly implements HTTP/2. An attacker could possibly use this issue to cause a denial of service. CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518...

7.8CVSS7.1AI score0.87806EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2021/06/29 7:18 p.m.63 views

USN-4866-1: Netty vulnerabilities

It was discovered that Netty incorrectly implements HTTP/2. An attacker could possibly use this issue to cause a denial of service. CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518...

7.8CVSS7.7AI score0.87806EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2019:2254-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.42 views

SUSE: Security Advisory (SUSE-SU-2019:2260-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2020:0059-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.63 views

CentOS 8 : nodejs:10 (CESA-2019:2925)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2925 advisory. - nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass CVE-2019-5737 - HTTP/2: large amount of data requests leads to denial...

7.8CVSS7.2AI score0.87806EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/09 4:40 a.m.43 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Netty

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Netty. Vulnerability Details CVEID: CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a...

7.8CVSS0.9AI score0.87806EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/31 7:36 p.m.41 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Plus

Summary There are multiple vulnerabilities in IBM WebSphere Application Server Liberty that may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-17573 DESCRIPTION: Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

9.8CVSS0.8AI score0.87806EPSS
Exploits3Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.94 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.8.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.5AI score0.87806EPSS
Exploits11References35
RedHat Linux
RedHat Linux
added 2020/07/29 6:6 a.m.99 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.8.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.4AI score0.87806EPSS
Exploits10References34
Tenable Nessus
Tenable Nessus
added 2020/04/22 12:0 a.m.43 views

FreeBSD : py-twisted -- multiple vulnerabilities (9fbaefb3-837e-11ea-b5b4-641c67a117d8) (Ping Flood) (Reset Flood) (Settings Flood)

Twisted developers reports : All HTTP clients in twisted.web.client now raise a ValueError when called with a method and/or URL that contain invalid characters. This mitigates CVE-2019-12387. Thanks to Alex Brasetvik for reporting this vulnerability. The HTTP/2 server implementation now enforces...

9.8CVSS7.4AI score0.87806EPSS
Exploits4References9
Rows per page
Query Builder