15 matches found
minaliC 2.0.0 Denial Of Service
!/usr/bin/perl use Socket; Exploit Title: minaliC 2.0.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 03 january 2024 Vendor Homepage: http://minalic.sourceforge.net/ Download to demo: https://drive.google.com/file/d/1WoDbps6up2s5Xa40YXDSABRU9J17yRQd/view?usp=sharing...
Denial of service in Mattermost
A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data...
GHSA-V42F-HQ78-8C5M Denial of service in Mattermost
A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data...
Contract TribeRedeemer: User might not redeem with large amount
Lines of code Vulnerability details 2022-09-tribe Contract TribeRedeemer: User might not redeem with large amount tags: c4, 2022-09-tribe, medium Affected code Impact After many redemptions of contract TribeRedeemer, redeemBase will be reduced and might not be still large. Then users can not rede...
CVE-2020-29540
API calls in the Translation API feature in Systran Pure Neural Server before 9.7.0 allow a threat actor to use the Systran Pure Neural Server as a Denial-of-Service proxy by sending a large amount of translation requests to a destination host on any given TCP port regardless of whether a web...
Red Hat JBoss Enterprise Application Platform 7.x < 7.2.5 Multiple Vulnerabilities
The version of Red Hat JBoss Enterprise Application Platform EAP installed on the remote host is 7.x prior to 7.2.5. It is therefore, affected my multiple vulnerabilities as referenced in the RHSA-2019:4021 advisory: - undertow: HTTP/2: large amount of data requests leads to denial of service...
Denial of service in django
The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service resource consumption via a URL associated with...
Regular Expression Denial Of Service (ReDoS)
brace-expansion is vulnerable to regular expression denial of service ReDoS attacks. A malicious user can pass a string containing a large amount of commas to cause the package to hang...
CVE-2016-2106
Integer overflow in the EVPEncryptUpdate function in crypto/evp/evpenc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of data...
haneWIN DNS服务器缓冲区溢出漏洞
BUGTRAQ ID: 65287 haneWIN DNS Server是Windows平台上的DNS服务器。 haneWIN DNS Server 1.5.3及其他版本在处理大量数据时存在SEH溢出,攻击者可利用此漏洞在应用上下文中执行任意代码。 0 hanewin haneWIN DNS Server 1.5.3 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.hanewin.net/dns-e.htm !/usr/bin/python Exploit Title: haneWIN DNS Server SEH...
CVE-2013-4627
Removed by vendor...
CVE-2011-3954
Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service application crash via vectors that trigger a large amount of database usage...
Design/Logic Flaw
The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service resource consumption via a URL associated with...
Linux Kernel <= 2.6.33.3 SCTP INIT Remote DoS
Exploit for linux platform in category dos / poc ============================================= Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173 The sctpprocessunkparam function in net/sctp/smmakechunk.c in the Linux kernel 2.6.33.3 and...
Buffer overflow
Multiple buffer overflows in the 1 vGetPost and 2 main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact...