
133 matches found

OSV
added 2025/08/06 1:15 p.m. · 5 views

CVE-2025-23323

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service...

CVSS 7.5 · AI score 5.8 · EPSS 0.005
Exploits 0 · References 3

OSV
added 2025/08/06 1:15 p.m. · 3 views

CVE-2025-23324

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service...

CVSS 7.5 · AI score 5.8 · EPSS 0.00439
Exploits 0 · References 3

CNNVD
added 2025/08/06 12:0 a.m. · 5 views

NVIDIA Triton Inference Server numeric error vulnerability

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. A denial of service vulnerability exists in NVIDIA Triton Inference Server, which stems from an invalid request that could result in a...

CVSS 7.5 · AI score 6.6 · EPSS 0.0045
Exploits 0 · References 3

Positive Technologies
added 2025/07/10 12:0 a.m. · 2 views

PT-2025-32583 · Mattermost · Mattermost Confluence Plugin

Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not properly handle unexpected request bodies. This allows attackers to crash the plugin by repeatedly sending requests with invalid bodie...

CVSS 7.8 · AI score 7.2 · EPSS 0.00312
Exploits 0 · References 10

Github Security Blog
added 2025/04/11 2:6 p.m. · 31 views

Vite has an `server.fs.deny` bypass with an invalid `request-target`

Summary The contents of arbitrary files can be returned to the browser if the dev server is running on Node or Bun. Impact Only apps with the following conditions are affected. - explicitly exposing the Vite dev server to the network using --host or server.host config option - running the Vite de...

CVSS 6 · AI score 6.4 · EPSS 0.01736
Exploits 2 · References 4 · Affected Software 1

OSV
added 2025/04/11 2:6 p.m. · 2 views

GHSA-356W-63V5-8WF4 Vite has an `server.fs.deny` bypass with an invalid `request-target`

Summary The contents of arbitrary files can be returned to the browser if the dev server is running on Node or Bun. Impact Only apps with the following conditions are affected. - explicitly exposing the Vite dev server to the network using --host or server.host config option - running the Vite de...

CVSS 6 · AI score 6.7 · EPSS 0.01736
Exploits 2 · References 4

Cvelist
added 2025/04/10 1:25 p.m. · 18 views

CVE-2025-32395 Vite has an `server.fs.deny` bypass with an invalid `request-target`

Vite is a frontend tooling framework for JavaScript. Prior to 6.2.6, 6.1.5, 6.0.15, 5.4.18, and 4.5.13, the contents of arbitrary files can be returned to the browser if the dev server is running on Node or Bun. HTTP 1.1 spec RFC 9112 does not allow in request-target. Although an attacker can sen...

CVSS 6 · EPSS 0.01736
Exploits 2 · References 2

RedhatCVE
added 2025/03/22 12:23 p.m. · 9 views

CVE-2024-12761

A Denial of Service (DoS) vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the /api/stablestudio/generate endpoint, which can be exploited by sending an invalid request. This causes the server process to terminate abruptly, outputting...

CVSS 7.5 · AI score 6.8 · EPSS 0.00664
Exploits 0 · References 1

Vulnrichment
added 2025/03/20 10:8 a.m. · 9 views

CVE-2024-12761 Denial of Service in brycedrennan/imaginairy

A Denial of Service (DoS) vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the /api/stablestudio/generate endpoint, which can be exploited by sending an invalid request. This causes the server process to terminate abruptly, outputting...

CVSS 7.5 · AI score 7.5 · EPSS 0.00664
Exploits 0 · References 1

CVE
added 2025/03/20 10:8 a.m. · 71 views

CVE-2024-12761

The CVE-2024-12761 DoS affects imaginAIry (brycedrennan/imaginairy), v15.0.0. The vulnerability exists in the /api/stablestudio/generate endpoint and is triggered by sending an invalid request, causing the server process to terminate with KILLED and making the service unavailable. Connected docum...

CVSS 7.5 · AI score 6.8 · EPSS 0.00664
Exploits 0 · References 1

RedHat Linux
added 2025/02/10 1:6 a.m. · 4 views

waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request

A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recv_bytes long (recv_bytes defaults to 8192), followed by a secondary request using HTTP pipelining. When request lookahead is disabled (the default), Waitress won't read any more requests, and when th...

CVSS 9.1 · AI score 5.8 · EPSS 0.00496
Exploits 0 · References 6

OSV
added 2024/07/29 3:15 p.m. · 2 views

DEBIAN-CVE-2024-41072

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211_wext_siwscan()', add extra check whether number of channels passed via 'ioctl(sock, SIOCSIWSCAN, ...)' doesn't exceed IW_MAX_FREQUENCIES and reject invalid request with...

CVSS 5.5 · AI score 5.6 · EPSS 0.00233
Exploits 0 · References 1

OSV
added 2024/07/29 3:15 p.m. · 2 views

UBUNTU-CVE-2024-41072

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211_wext_siwscan()', add extra check whether number of channels passed via 'ioctl(sock, SIOCSIWSCAN, ...)' doesn't exceed IW_MAX_FREQUENCIES and reject invalid request with...

CVSS 5.5 · AI score 6.2 · EPSS 0.00233
Exploits 0 · References 32

UbuntuCve
added 2024/03/25 12:0 a.m. · 31 views

CVE-2021-47170

In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in...

CVSS 5.5 · AI score 6.6 · EPSS 0.00235
Exploits 0 · References 6

BDU FSTEC
added 2023/10/21 12:0 a.m. · 5 views

The vulnerability of the Bluetooth module of the EMUI operating system of HarmonyOS allows a hacker to disclose protected information.

The vulnerability of the Bluetooth module of the EMUI operating system of HarmonyOS is related to the lack of checks for the validity of incoming requests. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by this system...

CVSS 7.8 · AI score 7.1 · EPSS 0.00352
Exploits 0 · References 4 · Affected Software 2

Tenable Nessus
added 2023/09/07 12:0 a.m. · 26 views

Oracle Linux 7 : mod_auth_openidc (ELSA-2019-2112)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-2112 advisory. - Resolves: rhbz1626297 - CVE-2017-6413 mod_auth_openidc: OIDC_CLAIM and OIDCAuthNHeader not skipped in an 'AuthType oauth20' configuration rhel-7 Tenable...

CVSS 8.6 · AI score 7 · EPSS 0.05177
Exploits 0 · References 3

OSV
added 2023/07/31 10:18 p.m. · 23 views

GO-2023-1941 Panic when handling invalid request in MITM mode in github.com/elazarl/goproxy

An invalid request can cause a panic when running in MITM mode...

CVSS 7.5 · AI score 7.3 · EPSS 0.00841
Exploits 1 · References 2

OSV
added 2023/07/25 10:53 p.m. · 33 views

GO-2023-1923 Panic when handling invalid HAProxy PROXY v2 request in github.com/mastercactapus/proxyprotocol

Panic when handling invalid HAProxy PROXY v2 request in github.com/mastercactapus/proxyprotocol...

CVSS 7.5 · AI score 7.4 · EPSS 0.04295
Exploits 1 · References 3

ATTACKERKB
added 2023/05/17 4:0 p.m. · 2 views

CVE-2023-20162

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 9.8 · AI score 7.7 · EPSS 0.01183
Exploits 0 · References 2

ATTACKERKB
added 2023/05/17 4:0 p.m. · 5 views

CVE-2023-20161

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 9.8 · AI score 7.7 · EPSS 0.10282
Exploits 0 · References 2