Lucene search
K

91 matches found

RedHat Linux
RedHat Linux
added 2024/04/15 1:53 a.m.4 views

bind9: Parsing large DNS messages may cause excessive CPU load

A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service...

7.5CVSS6.7AI score0.01327EPSS
Exploits0References5
OSV
OSV
added 2024/03/06 11:17 a.m.24 views

BIT-GITLAB-2021-39932

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing co...

4.3CVSS4.6AI score0.0086EPSS
Exploits0References3
OSV
OSV
added 2024/02/12 9:15 a.m.4 views

CVE-2023-41707

Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of mail search expressions now gets monitored, and the related request is terminated...

6.5CVSS5.8AI score0.00785EPSS
Exploits0References3
NVD
NVD
added 2024/01/08 9:15 a.m.25 views

CVE-2023-29050

The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter strings that allow to access content outside of the intended hierarchy. Unauthorized users could break confidentiality of information in the directory and potentially cause high load on the directory...

9.6CVSS7.8AI score0.01668EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.22 views

GitLab 12.10 < 14.3.6 / 14.4 < 14.4.4 / 14.5 < 14.5.2 (CVE-2021-39932)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Usin...

4.3CVSS5.2AI score0.0086EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.11 views

PT-2023-6230 · Samba +5 · Samba +5

Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: A flaw was found in Samba, making it susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC serv...

9.8CVSS6.4AI score0.74265EPSS
Exploits14References147
OSV
OSV
added 2023/09/20 1:15 p.m.2 views

ALPINE-CVE-2023-4236

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18...

7.5CVSS7AI score0.0215EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2023/02/22 1:8 a.m.79 views

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

7.5CVSS7.8AI score0.21314EPSS
Exploits1
OSV
OSV
added 2023/02/21 12:0 a.m.33 views

ALSA-2023:0832 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm/mremap.c use-after-free vulnerability CVE-2022-41222 kernel: nfsd buffer overflow by RPC message over TCP with garbage data CVE-2022-43945 kernel: an out-of-bounds vulnerability in...

7.5CVSS7.5AI score0.21314EPSS
Exploits1References8
NVD
NVD
added 2022/11/14 10:15 p.m.25 views

CVE-2022-43686

In Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2, the authTypeConcreteCookieMap table can be filled up causing a denial of service high load...

6.5CVSS0.00989EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2022/11/14 12:0 a.m.8 views

CVE-2022-43686

In Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2, the authTypeConcreteCookieMap table can be filled up causing a denial of service high load...

6.8AI score0.00989EPSS
Exploits0References5
Snyk
Snyk
added 2022/11/08 11:0 p.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure. When a timeout occurs under a high load, it can cause incorrect data to be returned as the result of an asynchronously executed query. Notes: 1 This vulnerability only affects applications that communicate with...

5.8CVSS5.9AI score0.00747EPSS
Exploits0References2
OSV
OSV
added 2022/05/24 10:1 p.m.60 views

GHSA-442G-GCG6-MHM4 Play Framework Inadequate Encryption Strength vulnerability

An issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. When configured to make requests using an authenticated HTTP proxy, play-ws may sometimes, typically under high load, when connecting to a target host using https, expose the proxy credentials to the target host...

7.5CVSS5.9AI score0.00698EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/24 10:1 p.m.20 views

Play Framework Inadequate Encryption Strength vulnerability

An issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. When configured to make requests using an authenticated HTTP proxy, play-ws may sometimes, typically under high load, when connecting to a target host using https, expose the proxy credentials to the target host...

7.5CVSS1.2AI score0.00698EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2021/12/13 4:15 p.m.15 views

CVE-2021-39932

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing co...

4.3CVSS0.0086EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/12/13 4:15 p.m.23 views

CVE-2021-39932

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing co...

4.3CVSS5.8AI score0.0086EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/13 3:47 p.m.31 views

CVE-2021-39932

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing co...

4.3CVSS5.1AI score0.0086EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/12/13 3:47 p.m.21 views

CVE-2021-39932

Removed by vendor...

4.3CVSS5.8AI score0.0086EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/12/13 12:0 a.m.4 views

PT-2021-22771 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.0 through 14.3.6 GitLab CE/EE versions 14.4 through 14.4.4 GitLab CE/EE versions 14.5 through 14.5.2 Description: An issue has been discovered in GitLab CE/EE where the diff feature could be used to trigger high load...

4.3CVSS4.3AI score0.0086EPSS
Exploits0References10
NVD
NVD
added 2021/10/19 7:15 p.m.19 views

CVE-2021-31363

In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause high load on RPD which in turn may lead to routing protocol flaps. If a system...

6.5CVSS0.00391EPSS
Exploits0References1
Rows per page
Query Builder