Lucene search
K

42 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.2 views

Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2023-35945)

Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon receiving RSTSTREAM immediately followed by the GOAWAY frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the GOAWA...

7.5CVSS7.2AI score0.01106EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.15 views

NewStart CGSL MAIN 7.02 : nghttp2 Multiple Vulnerabilities (NS-SA-2025-0134)

The remote NewStart CGSL host, running version MAIN 7.02, has nghttp2 packages installed that are affected by multiple vulnerabilities: - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wil...

7.5CVSS7.3AI score0.99999EPSS
Exploits20References7
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.2 views

TencentOS Server 4: nghttp2 (TSSA-2024:0929)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0929 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS8.1AI score0.01106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.10 views

Azure Linux 3.0 Security Update: cmake / nghttp2 / nodejs / nodejs18 (CVE-2023-35945)

The version of cmake / nghttp2 / nodejs / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-35945 advisory. - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's...

7.5CVSS8.1AI score0.01106EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.16 views

openSUSE: Security Advisory for nghttp2 (SUSE-SU-2023:3997-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.31 views

EulerOS 2.0 SP10 : nghttp2 (EulerOS-SA-2023-3189)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon...

7.5CVSS8.1AI score0.01106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.24 views

EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2023-3038)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon...

7.5CVSS8.1AI score0.01106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.28 views

EulerOS 2.0 SP10 : nghttp2 (EulerOS-SA-2023-3224)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon...

7.5CVSS8.1AI score0.01106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.29 views

EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2023-3015)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon...

7.5CVSS8.1AI score0.01106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.22 views

EulerOS Virtualization 2.10.0 : nghttp2 (EulerOS-SA-2023-3478)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping...

7.5CVSS8AI score0.01106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.54 views

EulerOS Virtualization 2.9.1 : nghttp2 (EulerOS-SA-2024-1045)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References3
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.59 views

EulerOS Virtualization 2.9.0 : nghttp2 (EulerOS-SA-2024-1019)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References3
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.45 views

EulerOS 2.0 SP9 : nghttp2 (EulerOS-SA-2023-3314)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References3
OpenVAS
OpenVAS
added 2023/12/22 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2023-3506)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01106EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/12/22 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2023-3478)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01106EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/12/12 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2023-3314)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.99999EPSS
Exploits19References4
OpenVAS
OpenVAS
added 2023/10/31 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2023-3015)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.01106EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/10/18 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2023:4102-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.01106EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/18 12:0 a.m.30 views

SUSE SLES15: libnghttp2-14 / libnghttp2-14-32bit / libnghttp2-devel / etc (SUSE-SU-2023:4102-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4102-1 advisory. - CVE-2023-35945: Fixed memory leak when PUSHPROMISE or HEADERS frame cannot be sent bsc1215713. Tenable has extracted the preceding...

7.5CVSS7.1AI score0.01106EPSS
Exploits0References4
OSV
OSV
added 2023/10/17 1:14 p.m.11 views

SUSE-SU-2023:4102-1 Security update for nghttp2

This update for nghttp2 fixes the following issues: - CVE-2023-35945: Fixed memory leak when PUSHPROMISE or HEADERS frame cannot be sent bsc1215713...

7.5CVSS7.5AI score0.01106EPSS
Exploits0References3
Rows per page
Query Builder