Lucene search
K

40 matches found

RedHat Linux
RedHat Linux
added 2026/06/17 11:5 p.m.10 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References7
OSV
OSV
added 2026/06/13 12:3 a.m.14 views

RLSA-2026:25057 Important: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a...

7.5CVSS5.3AI score0.11471EPSS
Exploits8References2
Ivanti
Ivanti
added 2026/06/09 5:17 p.m.30 views

CVE‑2026‑49975 – HTTP/2 Denial of Service Vulnerability

Status: EPMM unaffected Summary: CVE‑2026‑49975 is a denial‑of‑service DoS vulnerability affecting HTTP/2 implementations in several web servers. The issue allows an unauthenticated attacker to exhaust server memory using specially crafted HTTP/2 requests. EPMM / Sentry rely on Apache Tomcat for...

7.5CVSS5.5AI score0.11471EPSS
Exploits8
Rockylinux
Rockylinux
added 2026/05/14 12:3 p.m.26 views

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...

9.8CVSS5.8AI score0.00599EPSS
Exploits7
OSV
OSV
added 2026/04/12 8:16 p.m.4 views

DEBIAN-CVE-2026-40394

Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service daemon panic for certain amounts of prefetched data. The setup of an HTTP/2 session starts with a speculative HTTP/1 transport, and upon upgrading to h2 the HTTP/1 request is...

7.5CVSS5.6AI score0.00236EPSS
Exploits0References1
Veracode
Veracode
added 2026/03/27 5:30 a.m.26 views

Denial Of Service (DoS)

github.com/envoyproxy/envoy is vulnerable to a Denial Of Service DoS. The vulnerability is due to a re-entry bug in the JwksFetcherImpl during failed remote JWKS fetching with multiple JWT tokens, which allows an attacker to trigger a crash by sending crafted requests that cause overlapping fetch...

6.5CVSS5.9AI score0.00497EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/22 12:11 a.m.33 views

CVE-2019-25588 BulletProof FTP Server 2019.0.0.50 Denial of Service via DNS Address

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes...

6.9CVSS0.00171EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.5 views

EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2026-1136)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bound...

7.5CVSS5.9AI score0.01744EPSS
Exploits0References3
CVE
CVE
added 2025/12/18 12:0 a.m.12 views

CVE-2025-65563

CVE-2025-65563 affects omec-project UPF (upf-epc/pfcpiface). A NULL pointer dereference occurs in the association setup handler when a PFCP Association Setup Request omits the mandatory NodeID Information Element, causing a panic and UPF process termination. An attacker able to send PFCP Associat...

7.5CVSS6.4AI score0.00369EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11514

Malware in sbrugna...

7.5CVSS7.5AI score0.01065EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-1944

Malware in sbrugna...

5.5CVSS5.6AI score0.00328EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-27291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have...

7.5CVSS6.7AI score0.03832EPSS
Exploits1References2
CVE
CVE
added 2025/05/15 5:16 p.m.178 views

CVE-2025-47279

CVE-2025-47279 — Undici (Node.js HTTP/1.1 client) : A memory leak can occur in webhook-like usage when an attacker runs a server with an invalid TLS certificate and forces repeated webhook calls. The issue is fixed in Undici versions 5.29.0, 6.21.2, and 7.5.0. As a workaround, avoid calling a web...

3.1CVSS3.8AI score0.00254EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.8 views

Amazon Linux 2 : docker (ALASDOCKER-2025-060)

The version of docker installed on the remote host is prior to 20.10.17-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-060 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Rea...

7.5CVSS7AI score0.01544EPSS
Exploits0References6
NVD
NVD
added 2024/01/05 5:15 p.m.34 views

CVE-2023-34328

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS5.8AI score0.00256EPSS
Exploits0References2
OSV
OSV
added 2024/01/05 5:15 p.m.49 views

CVE-2023-34327

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS6.8AI score
Exploits0References2
NVD
NVD
added 2024/01/05 5:15 p.m.28 views

CVE-2023-34327

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS5.8AI score0.00256EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/01/05 5:15 p.m.30 views

CVE-2023-34327

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS6.5AI score0.00256EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/01/05 5:15 p.m.29 views

CVE-2023-34328

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS6.5AI score0.00256EPSS
Exploits0References2
CVE
CVE
added 2024/01/05 4:34 p.m.117 views

CVE-2023-34328

CVE-2023-34328 relates to Xen where a PV vCPU can place a breakpoint over the live GDT, potentially locking up the CPU. This is described in the CNA as a Xen/AMD x86 debugging state handling issue that can lead to a denial of service. The entry references XSA-156 and CVE-2015-8104 as related cont...

5.5CVSS5.9AI score0.00256EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder