Lucene search
K

58 matches found

OSV
OSV
added 2023/02/16 7:15 a.m.28 views

CVE-2023-0662

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS7.8AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/02/16 7:15 a.m.65 views

CVE-2023-0662

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS6.8AI score0.01408EPSS
Exploits0References4
Prion
Prion
added 2023/02/16 7:15 a.m.92 views

Design/Logic Flaw

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

5CVSS6.2AI score0.01408EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/02/16 6:24 a.m.20 views

CVE-2023-0662 DoS vulnerability when parsing multipart request body

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS8AI score0.01408EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2023/02/16 6:24 a.m.48 views

CVE-2023-0662

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS6.7AI score0.01408EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/02/16 6:24 a.m.81 views

CVE-2023-0662

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS8.1AI score0.01408EPSS
Exploits0
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.2 views

PHP 资源管理错误漏洞

PHP is a scripting language for PHP that executes server-side. A resource management error vulnerability exists in PHP versions 8.0.X prior to 8.0.28, 8.1.X prior to 8.1.16, and 8.2.X prior to 8.2.3, which stems from the fact that too many uploaded portions of an HTTP form can lead to a denial of...

7.5CVSS6.9AI score0.01408EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2023/02/15 12:0 a.m.143 views

Slackware Linux 15.0 / current php Multiple Vulnerabilities (SSA:2023-045-02)

The version of php installed on the remote host is prior to 7.4.33 / 8.0.28 / 8.1.16. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-045-02 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function...

8.1CVSS7.2AI score0.01408EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2023/02/15 12:0 a.m.4 views

PT-2023-2473 · Php +10 · Php +10

Name of the Vulnerable Software and Affected Versions: PHP versions 8.0.0 through 8.0.27 PHP versions 8.1.0 through 8.1.15 PHP versions 8.2.0 through 8.2.2 Description: The issue is related to an excessive number of parts in HTTP form upload, which can cause high resource consumption and excessiv...

9.8CVSS6.3AI score0.49336EPSS
Exploits76References145
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.33 views

PHP 8.1.x < 8.1.16

The version of PHP installed on the remote host is prior to 8.1.16. It is, therefore, affected by a vulnerability as referenced in the Version 8.1.16 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high...

7.5CVSS6.9AI score0.01408EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.53 views

PHP 8.0.x < 8.0.28

The version of PHP installed on the remote host is prior to 8.0.28. It is, therefore, affected by a vulnerability as referenced in the Version 8.0.28 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high...

7.5CVSS6.9AI score0.01408EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/10/21 8:32 p.m.53 views

.NET Denial of Service Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 5.0, and .NET CORE 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. Microsoft is aware of a Denial of Service...

7.5CVSS0.5AI score0.03228EPSS
Exploits0References12Affected Software12
OSV
OSV
added 2022/10/21 8:32 p.m.42 views

GHSA-CW98-9J8W-WXV9 .NET Denial of Service Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 5.0, and .NET CORE 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. Microsoft is aware of a Denial of Service...

7.5CVSS7.5AI score0.03228EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2021/06/03 12:0 a.m.26 views

Fedora: Security Advisory for curl (FEDORA-2021-eb5b7c53a9)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS5.5AI score0.60122EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/23 12:0 a.m.22 views

Fedora: Security Advisory for curl (FEDORA-2021-26a293c72b)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.3CVSS6AI score0.05301EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/06/27 12:0 a.m.33 views

Fedora: Security Advisory for curl (FEDORA-2020-6af1dd2936)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS6.8AI score0.01236EPSS
Exploits1References2
Fedora
Fedora
added 2019/09/29 2:22 a.m.47 views

[SECURITY] Fedora 29 Update: curl-7.61.1-12.fc29

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

9.8CVSS0.49739EPSS
Exploits5
Prion
Prion
added 2019/05/24 5:29 p.m.22 views

Cross site scripting

In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authorization.do cross-site Scripting XSS vulnerability allows for an unauthenticated manipulation of the JavaScript code by injecting the HTTP form parameter adscsrf. An attacker can use this to capture a user's AD self-service passwor...

4.3CVSS6.1AI score0.03496EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/05/24 4:48 p.m.13 views

CVE-2019-8346

In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authorization.do cross-site Scripting XSS vulnerability allows for an unauthenticated manipulation of the JavaScript code by injecting the HTTP form parameter adscsrf. An attacker can use this to capture a user's AD self-service passwor...

6.1AI score0.03496EPSS
Exploits0References1
Fedora
Fedora
added 2017/11/11 3:23 a.m.24 views

[SECURITY] Fedora 27 Update: curl-7.55.1-6.fc27

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

7.5CVSS0.08465EPSS
Exploits0
Rows per page
Query Builder