7670 matches found
CVE-2025-3112
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an authenticated malicious user sends manipulated HTTPS Content-Length header to the webserver...
CVE-2025-3116
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request containing improper formatted body data to the controller...
Fedora: Security Advisory (FEDORA-2025-70701de9de)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-48786
A server-side request forgery vulnerability CWE-918 in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an authenticated attacker to perform internal requests via crafted HTTP or HTTPS requests...
CVE-2025-3898
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends HTTPS request containing invalid data type to the webserver...
CVE-2025-3112
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an authenticated malicious user sends manipulated HTTPS Content-Length header to the webserver...
CVE-2025-3116
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request containing improper formatted body data to the controller...
CVE-2025-3116
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request containing improper formatted body data to the controller...
CVE-2025-3112
CVE-2025-3112 describes an Uncontrolled Resource Consumption vulnerability in Schneider Electric Modicon Controllers (M241/M251/M258/LMC058/M262 family). The issue arises from handling an authenticated user-supplied manipulated HTTPS Content-Length header, enabling a Denial of Service. The CVSS m...
CVE-2025-3112
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an authenticated malicious user sends manipulated HTTPS Content-Length header to the webserver...
CVE-2025-3112
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an authenticated malicious user sends manipulated HTTPS Content-Length header to the webserver...
CVE-2025-3898
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends HTTPS request containing invalid data type to the webserver...
CVE-2025-3898
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends HTTPS request containing invalid data type to the webserver...
PT-2025-24627 · Schneider Electric · Modicon Controllers M241/M251 +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Denial of Service issue exists due to improper input validation. This occurs when an authenticated malicious user sends a special malformed HTTPS request containing improperly formatted bo...
OESA-2025-1612 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size...
Malicious code in https-parse (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef1ec069afa771aee14fdc9cedd50a8db0d66030e38f15897a5816782e20a892 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4644 Malicious code in https-parse (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef1ec069afa771aee14fdc9cedd50a8db0d66030e38f15897a5816782e20a892 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
HTTPS access to NetScaler Console is failed after installing a new certificate
HTTPs access to NetScaler Console failed after installing a new certificate from GUI System -Administration -Install SSL Certificate in NetScaler Console...
SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2025:01787-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01787-1 advisory. Update to version 9.20.9. - Security issues fixed: CVE-2025-40775: denial-of-service due to assertion failure...
SUSE-SU-2025:01787-1 Security update for bind
This update for bind fixes the following issues: Update to version 9.20.9. - Security issues fixed: CVE-2025-40775: denial-of-service due to assertion failure caused by the processing of a NS message with an invalid TSIG bsc1243361. CVE-2024-12705: CPU and memory exhaustion due to DNS-over-HTTPS...