SUSE CVE-2026-27623

Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming requests, the Valkey system does not properly reset the networking...

CVE-2026-27623

A flaw was found in Valkey. A malicious actor with network access to Valkey can cause the system to shut down by sending a specially crafted request. This occurs because the system does not properly reset its networking state after processing an empty request, leading to an assertion failure. Thi...

ALPINE-CVE-2026-27623

Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming requests, the Valkey system does not properly reset the networking...

PT-2026-21548

Name of the Vulnerable Software and Affected Versions Valkey versions 9.0.0 through 9.0.2 Description Valkey, a distributed key-value database, is susceptible to a denial of service condition. A remote attacker with network access can cause the system to terminate by triggering an assertion. This...

SUSE CVE-2007-6286

Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to...

PT-2021-18162 · D Link · D-Link Dsp-W215

Name of the Vulnerable Software and Affected Versions: D-Link DSP-W215 version 1.10 Description: A Null Pointer Dereference issue exists, which could allow a remote malicious user to cause a denial of service via usr/bin/lighttpd. This can be triggered by sending an HTTP request without a URL in...

Varnish HTTP cache DoS

assert on empty request...

CVE-2007-6286

Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to...

PulseAudio sound server DoS

Multiple invalid assertusage, e.g. on empty request...

Linksys WRT54G DoS

It is possible to freeze the remote web server by sending an empty GET request. This is know to affect Linksys WRT54G routers. OpenVAS Vulnerability Test $Id: linksysemptyGETDoS.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Linksys WRT54G DoS Authors: Michel Arboi Copyright: Copyright C 20...