CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Vulnrichment•added 2026/03/13 7:53 p.m.•0 views

CVE-2026-32314 Yamux remote Panic via malformed Data frame with SYN set and len = 262145

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new...

8.7CVSS5.8AI score0.0011EPSS

Exploits1References1

NVD•added 2025/12/02 10:16 p.m.•3 views

CVE-2025-55181

Sending an HTTP request/response body with greater than 2^31 bytes triggers an infinite loop in proxygen::coro::HTTPQuicCoroSession which blocks the backing event loop and unconditionally appends data to a std::vector per-loop iteration. This issue leads to unbounded memory growth and eventually...

5.3CVSS0.00024EPSS

Exploits0References2

Positive Technologies•added 2025/12/02 12:0 a.m.•3 views

PT-2025-48784

Name of the Vulnerable Software and Affected Versions proxygen affected versions not specified Description An excessively large HTTP request or response body—greater than 2^31 bytes—can cause an infinite loop within the proxygen::coro::HTTPQuicCoroSession component. This loop obstructs the event...

5.3CVSS6.5AI score0.00024EPSS

Exploits0References6

Tenable Nessus•added 2025/08/19 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2024-46292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in modsecurity v3.0.12 allows attackers to cause a Denial of Service DoS via a crafted input inserted into the name parameter. NOTE: this is...

7.5CVSS5.3AI score0.008EPSS

Exploits0References2

RedHat Linux•added 2024/04/30 9:51 a.m.•2 views

golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...

5.3CVSS7.3AI score0.00123EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:49 a.m.•1 views

SUSE CVE-2011-4971

Multiple integer signedness errors in the 1 processbinsaslauth, 2 processbincompletesaslauth, 3 processbinupdate, and 4 processbinappendprepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service crash via a large body length value in a packet...

5CVSS6.8AI score0.46068EPSS

Exploits3References5

Veracode•added 2022/07/12 4:47 a.m.•26 views

Denial Of Service (DoS)

github.com/kubeedge/kubeedge is vulnerable to denial of service. An attacker can crash the application by sending a malicious HTTP request with a large body into the registerValidateWebhook function of common.go...

6.5CVSS6.1AI score0.00281EPSS

Exploits0References7Affected Software1

Veracode•added 2018/05/21 7:29 a.m.•16 views

Denial Of Service (DoS)

github.com/minio/minio is vulnerable to denial of service DoS attacks. The application reads the entire body of a V4 request body into memory during checksum verification, allowing a malicious user to crash the application by sending a V4 request with a large body...

7.5CVSS7.2AI score0.00403EPSS

Exploits0References2Affected Software1

OSV•added 2013/07/15 3:55 p.m.•2 views

DEBIAN-CVE-2013-2765

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service NULL pointer dereference, process crash, and disk consumption via a POST request with a large body and a crafted Content-Type header...

5CVSS6.7AI score0.05375EPSS

Exploits4References1