45 matches found
Cisco Second Generation Integrated Services Routers and 4451-X Integrated Services Router Denial of Service Vulnerability
The Cisco Second Generation Integrated Services Routers (ISR G2) and the 4451-X Integrated Services Router (ISR4451-X) are both router products from the American company Cisco. A denial of service vulnerability exists in the SM-1T3/E3 firmware in IOS and IOS XE Software on the Cisco ISR G2 and...
Regular Expression Denial of Service (ReDoS)
Overview: io.konig:diff is a JavaScript text differencing implementation. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). This can cause an impact of about 10 seconds matching time for data 48K characters long. Disclosure Timeline: Feb 15th, 2018 -...
CVE-2012-5370
JRuby computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal...
ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow (2)
#!/usr/bin/python ProSysInfo TFTP Server TFTPDWIN 0.4.2 Coded by Wraith import os import sys import struct import socket import time print "\nProSysInfo TFTP Server TFTPDWIN 0.4.2" print "Note: This vuln is sensitive to different buffer length\n" if len(sys.argv)!=2: print "Usage: tftpdwin.py "...
GlassFish Enterprise Server 2.1 - Admin Console sysnetregistration.jsf URI Cross-Site Scripting
Source: https://www.securityfocus.com/bid/34824/info GlassFish Enterprise Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input...