3887 matches found

OSV
added 2019/08/13 9:15 p.m. · 2 views

ALPINE-CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.5 · AI score 8.8 · EPSS 0.24822
Exploits 0 · References 1

OSV
added 2019/08/13 9:15 p.m. · 1 views

DEBIAN-CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.5 · AI score 8 · EPSS 0.24822
Exploits 0 · References 1

OSV
added 2019/08/13 9:15 p.m. · 39 views

CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.5 · AI score 6.8
Exploits 0 · References 27

OSV
added 2019/08/13 9:15 p.m. · 1 views

DEBIAN-CVE-2019-9514

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the...

CVSS 7.5 · AI score 7.9 · EPSS 0.82813
Exploits 0 · References 1

OSV
added 2019/08/13 9:15 p.m. · 1 views

DEBIAN-CVE-2019-9515

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost...

CVSS 7.5 · AI score 8 · EPSS 0.87806
Exploits 0 · References 1

Prion
added 2019/08/13 9:15 p.m. · 28 views

Design/Logic Flaw

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.8 · AI score 7.3 · EPSS 0.24822
Exploits 0 · References 27 · Affected Software 16

Cvelist
added 2019/08/13 8:50 p.m. · 39 views

CVE-2019-9518 Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.5 · AI score 7.6 · EPSS 0.24822
Exploits 0 · References 27

Debian CVE
added 2019/08/13 8:50 p.m. · 28 views

CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.8 · AI score 7.8 · EPSS 0.24822
Exploits 0

AlpineLinux
added 2019/08/13 8:50 p.m. · 28 views

CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.8 · AI score 7.8 · EPSS 0.24822
Exploits 0

UbuntuCve
added 2019/08/13 12:0 a.m. · 39 views

CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.8 · AI score 7.2 · EPSS 0.24822
Exploits 0 · References 5

OSV
added 2019/08/13 12:0 a.m. · 2 views

UBUNTU-CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends ti...

CVSS 7.5 · AI score 5.8 · EPSS 0.24822
Exploits 0 · References 6

OSV
added 2019/08/13 12:0 a.m. · 1 views

UBUNTU-CVE-2019-9515

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost...

CVSS 7.5 · AI score 7.3 · EPSS 0.87806
Exploits 0 · References 9

Positive Technologies
added 2019/08/13 12:0 a.m. · 6 views

PT-2019-2979 · Alt Linux +7

Name of the Vulnerable Software and Affected Versions: HTTP/2 implementations affected versions not specified Description: The issue is related to a flood of empty frames in HTTP/2 implementations, which can lead to a denial of service. An attacker sends a stream of frames with an empty payload a...

CVSS 9.8 · AI score 6.3 · EPSS 0.95707
Exploits 52 · References 622

OSV
added 2019/07/31 6:15 p.m. · 2 views

CVE-2019-1901

A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. T...

CVSS 8.8 · AI score 7.8 · EPSS 0.01082
Exploits 0 · References 1

NVD
added 2019/07/25 5:15 p.m. · 20 views

CVE-2019-2276

Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607,...

CVSS 10 · AI score 9.3 · EPSS 0.00945
Exploits 0 · References 1

Tenable Nessus
added 2019/07/25 12:0 a.m. · 53 views

EulerOS 2.0 SP8 : tomcat (EulerOS-SA-2019-1772)

According to the versions of the tomcat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory...

CVSS 7.5 · AI score 6.4 · EPSS 0.94494
Exploits 3 · References 3

OSV
added 2019/06/27 5:15 p.m. · 2 views

UBUNTU-CVE-2018-6155

Incorrect handling of frames in the VP8 parser in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file...

CVSS 6.5 · AI score 7.3 · EPSS 0.00675
Exploits 0 · References 2

OSV
added 2019/05/22 8:29 p.m. · 4 views

CVE-2019-6819

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...

CVSS 7.5 · AI score 7.1 · EPSS 0.01129
Exploits 0 · References 2

NVD
added 2019/05/22 8:29 p.m. · 21 views

CVE-2019-6819

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...

CVSS 7.5 · AI score 7.5 · EPSS 0.01129
Exploits 0 · References 2

Prion
added 2019/05/22 8:29 p.m. · 16 views

Design/Logic Flaw

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...

CVSS 5 · AI score 7.4 · EPSS 0.01129
Exploits 0 · References 2 · Affected Software 2