Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Positive Technologies
Positive Technologiesadded 2026/04/25 12:0 a.m.4 views

PT-2026-35139

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In openvswitch, the validate set function accepted OVS KEY ATTR MPLS as a variable-sized payload for SET and SET MASKED actions. However, action handling expects fixed-size MPLS key data...

8.8CVSS5.8AI score0.00282EPSS
Exploits0References55
RedHat Linux
RedHat Linuxadded 2022/06/30 7:0 p.m.4 views

tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS

A flaw was found in Apache Tomcat, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. The highest threat from this vulnerability is to...

7.5CVSS7.1AI score0.87553EPSS
Exploits1References9
RedHat Linux
RedHat Linuxadded 2022/06/30 6:34 p.m.4 views

jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS

A flaw was found in jbossweb. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability...

7.5CVSS7.1AI score0.87553EPSS
Exploits1References4
OSV
OSVadded 2022/02/08 10:5 p.m.0 views

GHSA-M7JV-HQ7H-MQ7C Infinite Loop in Apache Tomcat

The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of...

7.5CVSS6.8AI score0.87553EPSS
Exploits1References28
Tenable Nessus
Tenable Nessusadded 2021/03/12 12:0 a.m.65 views

JFrog < 7.7.0 Multiple Vulnerabilities

According to its self-reported version number, the version of JFrog Artifactory installed on the remote host is prior to 7.7.0. It is, therefore, affected by multiple vulnerabilities: - An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did no...

7.5CVSS6.8AI score0.87553EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2020/08/10 11:36 a.m.3 views

tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS

A flaw was found in Apache Tomcat, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. The highest threat from this vulnerability is to...

7.5CVSS7.1AI score0.87553EPSS
Exploits1References9
Rows per page
Query Builder