Lucene search
K

48 matches found

ATTACKERKB
ATTACKERKB
added 2025/09/11 8:13 a.m.5 views

CVE-2025-48038

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.4AI score0.00359EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2025/09/11 8:13 a.m.31 views

CVE-2025-48038

CVE-2025-48038 affects Erlang OTP ssh (ssh_sftpd) with Allocation of Resources Without Limits or Throttling, causing excessive resource consumption. The issue is present across multiple OTP/erlang SSH versions (as detailed in the CVE entry) and is being addressed through vendor advisories and sec...

5.3CVSS5.4AI score0.00359EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/06/17 2:29 a.m.4 views

SUSE CVE-2025-4748

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...

4.4CVSS6.3AI score0.00226EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2025/06/16 12:0 a.m.6 views

Erlang - Absolute Path in Zip Module

https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc reports: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program...

4.8CVSS6.9AI score0.00226EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/04/25 3:31 p.m.210 views

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433 Erlang/OTP SSH RCE EXP Description A serio...

10CVSS8.8AI score0.97859EPSS
Exploits36
OSV
OSV
added 2025/04/08 1:48 p.m.3 views

USN-7425-1 erlang vulnerability

It was discovered that Erlang OTP's SSH module did not limit the size of certain data in initialization messages. An attacker could possibly use this issue to consume large amount of memory leading to a denial of service...

7.5CVSS5.8AI score0.00436EPSS
Exploits0References2
NVD
NVD
added 2024/12/05 5:15 p.m.20 views

CVE-2024-53846

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...

5.5CVSS0.00251EPSS
Exploits0References1
OSV
OSV
added 2016/04/07 9:59 p.m.2 views

DEBIAN-CVE-2015-2774

Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 aka POODLE...

5.9CVSS6.2AI score0.01899EPSS
Exploits0References1
Rows per page
Query Builder