Lucene search
K

56 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:48 a.m.7 views

CVE-2024-7294

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...

7.5CVSS6.7AI score0.00312EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/01 12:0 a.m.9 views

Progress Telerik Report Server <= 10.2.24.709 Multiple Vulnerabilities (September 2024)

The version of Progress Telerik Report Server installed on the remote host is affected by multiple vulnerabilities: - A credential stuffing attack is possible through improper restriction of excessive login attempts. CVE-2024-7292 - A password brute forcing attack is possible through weak passwor...

8.8CVSS5.5AI score0.00317EPSS
Exploits0References6
NVD
NVD
added 2024/10/09 3:15 p.m.10 views

CVE-2024-7294

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...

7.5CVSS0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/09 2:45 p.m.15 views

CVE-2024-7294 Uncontrolled resource consumption of anonymous endpoints

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...

7.5CVSS0.00312EPSS
Exploits0References1
CVE
CVE
added 2024/10/09 2:45 p.m.50 views

CVE-2024-7294

Progress Telerik Report Server (Progress) is affected by an HTTP DoS vulnerability on anonymous endpoints due to lack of rate limiting. The issue originates from uncontrolled resource consumption of anonymous requests, impacting availability. Affected versions are prior to 2024 Q3 (10.2.24.806). ...

7.5CVSS6.9AI score0.00312EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/09 2:45 p.m.9 views

CVE-2024-7294 Uncontrolled resource consumption of anonymous endpoints

In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...

7.5CVSS6.8AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2024/06/21 4:15 p.m.3 views

CVE-2022-44593

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through 9.3.1...

5.3CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2024/06/21 4:15 p.m.29 views

CVE-2022-44593

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through 9.3.1...

5.3CVSS0.0026EPSS
Exploits0References1
CVE
CVE
added 2024/06/21 3:56 p.m.73 views

CVE-2022-44593

CVE-2022-44593 pertains to Solid Security (SolidWP) and is described as a Use of Less Trusted Source vulnerability that enables HTTP DoS. Public detail indicates the issue affects Solid Security versions up to 9.3.1, with the connected entry also referencing an IP Address Spoofing to Denial of Se...

5.3CVSS5.3AI score0.0026EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/06/21 3:56 p.m.25 views

CVE-2022-44593 WordPress Solid Security plugin <= 9.3.1 - IP Spoofing Leading to Denial of Service vulnerability

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through 9.3.1...

3.7CVSS0.0026EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/02/21 12:0 a.m.176 views

Node.js 18.x < 18.19.1 / 20.x < 20.11.1 / 21.x < 21.6.2 Multiple Vulnerabilities (Wednesday February 14 2024 Security Releases).

The version of Node.js installed on the remote host is prior to 18.19.1, 20.11.1, 21.6.2. It is, therefore, affected by multiple vulnerabilities as referenced in the Wednesday February 14 2024 Security Releases advisory. - On Linux, Node.js ignores certain environment variables if those may have...

9.8CVSS6.9AI score0.03168EPSS
Exploits0References8
OSV
OSV
added 2023/11/02 7:26 a.m.158 views

BIT-2023-46118

RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service DoS attacks with very large messages. An authenticated user with sufficient credentials can publish a very large messages over the HTTP API...

4.9CVSS6.6AI score0.01077EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/27 5:15 p.m.8 views

CVE-2022-22278

A vulnerability in SonicOS CFS Content filtering service returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service DoS attack...

7.5CVSS6.6AI score0.00875EPSS
Exploits0References2
NVD
NVD
added 2020/04/07 6:15 p.m.24 views

CVE-2019-17657

An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service DoS via handling special crafted HTTP...

7.5CVSS7.4AI score0.02385EPSS
Exploits0References1
Prion
Prion
added 2020/04/07 6:15 p.m.28 views

Denial of service

An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service DoS via handling special crafted HTTP...

5CVSS7.3AI score0.02385EPSS
Exploits0References1Affected Software5
Vulnrichment
Vulnrichment
added 2020/04/07 5:11 p.m.15 views

CVE-2019-17657

An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service DoS via handling special crafted HTTP...

7.1AI score0.02385EPSS
Exploits0References1
CVE
CVE
added 2020/04/07 5:11 p.m.75 views

CVE-2019-17657

CVE-2019-17657 describes an Uncontrolled Resource Consumption DoS in Fortinet devices: FortiSwitch (&lt;3.6.11, &lt;6.0.6, ), FortiAnalyzer (), FortiManager (), and FortiAP-S/W2 (). The vulnerability allows an attacker to exhaust admin webUI resources by sending specially crafted HTTP requests/re...

7.5CVSS7.3AI score0.02385EPSS
Exploits0References1Affected Software5
Cvelist
Cvelist
added 2020/04/07 5:11 p.m.29 views

CVE-2019-17657

An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service DoS via handling special crafted HTTP...

7.4AI score0.02385EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2019/11/20 3:17 p.m.27 views

CVE-2011-0529

Weborf before 0.12.5 is affected by a Denial of Service DOS due to malformed fields in HTTP...

7.5CVSS1.1AI score0.01309EPSS
Exploits1
Cvelist
Cvelist
added 2019/08/29 12:19 a.m.15 views

CVE-2019-11060 HG100 contains an Uncontrolled Resource Consumption vulnerability

The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service DoS by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time...

7.4CVSS7.3AI score0.02958EPSS
Exploits0References3
Rows per page
Query Builder