3836 matches found
HTTP/2: flood using HEADERS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using PING frames results in unbounded memory growth
A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
Multiple Cisco Products Input Validation Error Vulnerability (CNVD-2019-39603)
Cisco Aironet 1540 Series APs and so on are products of Cisco Corporation.Cisco Aironet 1540 Series APs is a 1540 series access point product.Cisco Aironet 1560 Series APs is a 1560 series access point product.Cisco Aironet 1800 Series APs is a 1800 series access point product.Cisco Aironet 1800...
Cisco Aironet Access Points/Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability
Cisco Aironet APs are a family of access access point products. Cisco Aironet, Catalyst 9100 Access Points APs A resource management error vulnerability exists in the Control and Provisioning of Wireless Access Points CAPWAP protocol implementation, which stems from a failure in CAPWAP message...
RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2019:2769)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2769 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Apache Traffic Server HTTP/2 Input Validation Error Vulnerability
Apache Traffic Server ATS is the United States Apache Apache Software Foundation's set of scalable HTTP proxy and caching server. A security vulnerability exists in Apache Traffic Server versions prior to 7.1.7 and 8.0.4. The vulnerability stems from Apache Traffic Server not limiting the number ...
HTTP/2: flood using PING frames results in unbounded memory growth
A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using HEADERS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
Cisco Aironet Access Points Plagued By Critical, High-Severity Flaws
Cisco Systems has released a security update stomping out critical and high-severity flaws impacting its Aironet access points, which are entry-level wireless access points APs used by mid-size enterprises in their offices or small warehouses. It also issued a slew of additional patches addressin...
CVE-2019-15265
A vulnerability in the bridge protocol data unit BPDU forwarding functionality of Cisco Aironet Access Points APs could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. The vulnerability occurs because BPDUs received from specific wireless client...
CVE-2019-15264
A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol implementation of Cisco Aironet and Catalyst 9100 Access Points APs could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service DoS...
CVE-2019-15261
A vulnerability in the Point-to-Point Tunneling Protocol PPTP VPN packet processing functionality in Cisco Aironet Access Points APs could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to...
CVE-2019-15264 Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability
A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol implementation of Cisco Aironet and Catalyst 9100 Access Points APs could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service DoS...
CVE-2019-15261 Cisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability
A vulnerability in the Point-to-Point Tunneling Protocol PPTP VPN packet processing functionality in Cisco Aironet Access Points APs could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to...
CVE-2019-15261 Cisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability
A vulnerability in the Point-to-Point Tunneling Protocol PPTP VPN packet processing functionality in Cisco Aironet Access Points APs could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to...
HTTP/2: flood using HEADERS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
HTTP/2: flood using PING frames results in unbounded memory growth
A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
The vulnerability of the `connection.c` component of the HTTP/2 web server Apache Traffic Server, the H2O web server, Node.js software platform, and the SwiftNIO networking framework allows a attacker to cause a service failure.
The vulnerability of the connection.c component of the HTTP/2 web server Apache Traffic Server, the H2O web server, the Node.js software platform, and the SwiftNIO networking framework is related to errors in the resource consumption control mechanism. Exploiting this vulnerability can allow an...
HTTP/2: flood using PRIORITY frames results in excessive resource consumption
A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 1.0.1 RPMs
Red Hat OpenShift Service Mesh 1.0.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...