22 matches found
CVE-2021-47969 Color Notes 1.4 Denial of Service via Long Character String
Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350,000 repeated characters and paste it twice into a new note to cause the...
EUVD-2019-19864
Selfie Studio 2.17 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a large string of characters into the New Width or New Height field to trigger a buffer...
CLSA-2026-1771000442 libsoup: Fix of CVE-2026-0719
CVE-2026-0719 fix integer overflow in NTLM authentication when processing excessively long passwords...
EulerOS Virtualization 3.0.6.6 : openssl (EulerOS-SA-2024-1660)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a security flaw in the buffer for excessively long characters...
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1477)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1155)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : openssl (EulerOS-SA-2024-1204)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact...
RHEL 8 : openssl (RHSA-2024:0154)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0154 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
Oracle Linux 8 : openssl (ELSA-2023-7877)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7877 advisory. - Backport implicit rejection mechanism for RSA PKCS1 v1.5 to RHEL-8 series a proper fix for CVE-2020-25659 Resolves: RHEL-17696 - Fix CVE-2023-5678:...
SUSE-SU-2023:4489-1 Security update for openssl
This update for openssl fixes the following issues: - CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service bsc1216922...
Buffer Overflow
libz.so is vulnerable to Buffer Overflow. The vulnerability is present due to the absence of length checks in the filename, extrafield, and comment parameters within the zip.c. This oversight enables an attacker to trigger an integer overflow, leading to a heap-based buffer overflow in the...
Amazon Linux 2 : openssl11 (ALAS-2023-2226)
The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2226 advisory. Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use...
SUSE SLED15: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2023:3242-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3242-1 advisory. - CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value...
SUSE CVE-2014-0238
The cdfreadpropertyinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service infinite loop or out-of-bounds memory access via a vector that 1 has zero length or 2 is too long...
postsrsd -- Denial of service vulnerability
postsrsd developer reports: PostSRSd could be tricked into consuming a lot of CPU time with an SRS address that has an excessively long time stamp tag...
Microsoft Active Directory Federated Services (ADFS) User Enumeration
Credits: Joshua Platz aka Binary1985 + CVE ID: Requested + Website: https://github.com/binary1985 + Source: https://raw.githubusercontent.com/binary1985/VulnerabilityDisclosure/master/ADFS-Timing-Attack Vendor: ========================== http://www.microsoft.com Product: =========== Active...
Microsoft IIS 5 WebDAV PROPFIND and SEARCH Method Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7735/info Microsoft Internet Information Services has been reported vulnerable to a denial of service. When WebDAV receives excessively long requests to the 'PROPFIND' or 'SEARCH' variables, the IIS service will fail. All...
Trellian FTP Client 3.01 PASV Remote Buffer Overflow
No description provided by source. $Id: trellianclientpasv.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
32bit FTP (PASV) Reply Client Remote Overflow Exploit (meta)
Exploit for windows platform in category remote exploits ============================================================ 32bit FTP PASV Reply Client Remote Overflow Exploit meta ============================================================ msf use exploit/windows/ftp/32bitftppasvreply msf...