Lucene search
+L

304 matches found

OpenVAS
OpenVAS
added 2017/06/08 12:0 a.m.22 views

Cisco TelePresence CE and TC Software 'SIP' DoS Vulnerability (cisco-sa-20170607-tele)

Cisco TelePresence Endpoint is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.6AI score0.03564EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2017/04/26 10:19 a.m.7 views

httpd: mod_http2 denial-of-service by thread starvation

A denial of service flaw was found in httpd's modhttp2 module. A remote attacker could use this flaw to block server threads for long times, causing starvation of worker threads, by manipulating the flow control windows on streams...

5.9CVSS7.4AI score0.15327EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2016/08/31 12:0 a.m.6 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the drivers/media/platform/msm/camerav2/isp/msmispaxiutil.c component of Qualcomm’s Android operating system is related to the lack of flow control checks. Exploiting this vulnerability allows a remote attacker to enhance their privileges through a specially created applicati...

9.3CVSS7.2AI score0.00544EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/15 12:0 a.m.94 views

Apache HTTP Server 2.4.x < 2.4.23 Multiple Vulnerabilities

Binary data 9394.prm...

7.5CVSS6.9AI score0.18802EPSS
Exploits0References3
OSV
OSV
added 2016/07/06 2:59 p.m.4 views

DEBIAN-CVE-2016-1546

The Apache HTTP Server 2.4.17 and 2.4.18, when modhttp2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service stream-processing outage via modified flow-control windows...

5.9CVSS6.8AI score0.15327EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2016/07/06 2:59 p.m.27 views

CVE-2016-1546

The Apache HTTP Server 2.4.17 and 2.4.18, when modhttp2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service stream-processing outage via modified flow-control windows...

5.9CVSS6.8AI score0.15327EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2016/07/06 2:0 p.m.50 views

CVE-2016-1546

The Apache HTTP Server 2.4.17 and 2.4.18, when modhttp2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service stream-processing outage via modified flow-control windows...

5.9CVSS6.8AI score0.15327EPSS
Exploits0
CNVD
CNVD
added 2016/06/23 12:0 a.m.4 views

Generalized SQL Injection Vulnerability in Flow Control Routing of CoQin Technology

Since its inception over 15 years ago, Co-Tech has evolved from a manufacturer of high-end modems to a strong competitor in the broadband solutions space. A generalized SQL injection vulnerability exists in the flow control routing of Welkin Technologies. It allows attackers to utilize commonly...

8.1AI score
Exploits0References1
seebug.org
seebug.org
added 2016/05/10 12:0 a.m.28 views

百为流控路由设计不当 可任意添加管理员

POST /goform/webForm HTTP/1.0 Referer: ...:2011/advance/adminuser.htm?v=20130320 Content-Type: application/x-www-form-urlencoded X-Requested-With: XMLHttpRequest Accept: / Accept-Language: zh-CN Proxy-Connection: Keep-Alive User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64; Trident/7.0; rv:11.0 like...

7.1AI score
Exploits0
Citrix
Citrix
added 2016/04/29 12:0 a.m.8 views

Is it possible to optimize SSH or SFTP connections?

QUESTION: Is it possible to optimize SSH or SFTP connections? ANSWER: SSH and SFTP are encrypted traffic: SSH one-time encrypted data stream and SFTP goes over the SSH port CloudBridge can only optimize with flow-control-only but won't be able to compress it...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2016/04/11 12:0 a.m.10 views

PT-2016-2318

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.17 through 2.4.18 Description The issue is related to resource management errors in the Apache HTTP Server. It allows a remote attacker to cause a denial of service by modifying flow-control windows, leading to ...

5.9CVSS6.9AI score0.15327EPSS
Exploits0References32
Apache Httpd
Apache Httpd
added 2016/02/02 12:0 a.m.69 views

Apache Httpd < 2.4.20 : mod_http2: denial of service by thread starvation

By manipulating the flow control windows on streams, a client was able to block server threads for long times, causing starvation of worker threads. Connections could still be opened, but no streams where processed for these. This issue affected HTTP/2 support in 2.4.17 and 2.4.18...

5.9CVSS1.1AI score0.15327EPSS
Exploits0Affected Software1
Intel
Intel
added 2015/08/12 12:0 a.m.20 views

Potential Vulnerability with Intel® LAN Products with SR-IOV

Summary: A potential issue impacting Intel® LAN products with SR-IOV capability is expected to be publicly disclosed by security researchers at an industry conference on August 13, 2015. Description: In Intel® LAN products with SR-IOV capability, the potential exists where, under specific...

6.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/07/09 12:0 a.m.6 views

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the Cisco IOS operating system is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending IEEE 802.3x control frames remotely...

5.7CVSS5.4AI score0.00874EPSS
Exploits0References2
CNVD
CNVD
added 2015/06/24 12:0 a.m.5 views

Cisco ASR 9000 IOS XR Resource Management Error Vulnerability

Cisco IOS XR on ASR 9000 is a set of operating systems from Cisco that run in the 9000 series router devices. A security vulnerability exists in Cisco IOS XR version 5.3.1 for Cisco ASR 9000 devices. A remote attacker can exploit this vulnerability to cause a denial of service NPU chip reset or...

5.7CVSS6.6AI score0.00874EPSS
Exploits0References1
NVD
NVD
added 2015/06/23 2:59 p.m.17 views

CVE-2015-4205

Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service NPU chip reset or line-card reload by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959...

5.7CVSS6.6AI score0.00874EPSS
Exploits0References3
Prion
Prion
added 2015/06/23 2:59 p.m.22 views

Design/Logic Flaw

Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service NPU chip reset or line-card reload by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959...

5.7CVSS7.2AI score0.00874EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/06/23 2:0 p.m.24 views

CVE-2015-4205

Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service NPU chip reset or line-card reload by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959...

6.6AI score0.00874EPSS
Exploits0References3
Cisco
Cisco
added 2015/06/22 7:31 p.m.31 views

Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability

A vulnerability in flow control processing of Cisco IOS XR Software for Cisco ASR 9000 Series Routers could allow an unauthenticated, adjacent attacker to cause a Network Processing Unit NPU chip reset and potentially a reload of the affected line card. The vulnerability is due to improper...

5.7CVSS6.7AI score0.00874EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/11/17 6:11 p.m.8 views

bash: off-by-one error in deeply nested flow control constructs

An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash...

10CVSS6.9AI score0.58462EPSS
Exploits12References4
Rows per page
Query Builder