182 matches found
CVE-2025-45160
An HTML injection vulnerability exists in the file upload functionality of Cacti " port port="80" protocol="tcp" accept' firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="" port port="443" protocol="tcp" accept' firewall-cmd --reload Replace with the actual IP address or...
SUSE CVE-2021-47865
ProFTPD 1.3.7a contains a denial of service vulnerability that allows attackers to overwhelm the server by creating multiple simultaneous FTP connections. Attackers can repeatedly establish connections using threading to exhaust server connection limits and block legitimate user access...
EUVD-2018-14276
Malware in sbrugna...
CVE-2025-41425
DuraComm SPM-500 DP-10iN-100-MU is vulnerable to a cross-site scripting attack. This could allow an attacker to prevent legitimate users from accessing the web interface...
CVE-2025-48462
Successful exploitation of the vulnerability could allow an attacker to consume all available session slots and block other users from logging in, thereby preventing legitimate users from gaining access to the product...
CVE-2019-0322
SAP Commerce Cloud previously known as SAP Hybris Commerce, HYCOM, versions 6.3, 6.4, 6.5, 6.6, 6.7, 1808, 1811, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service...
Microsoft Entra ID Lockouts After MACE App Flags Legit Users
Was your Microsoft Entra ID account locked? Find out about the recent widespread lockouts caused by the new…...
CVE-2024-30218
The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on availability...
SAP NetWeaver ABAP Application Server and ABAP Platform Resource Management Error Vulnerability
SAP NetWeaver and ABAP Application Server are both products of SAP, Germany. SAP NetWeaver is an integrated, service-oriented application platform that provides a development and runtime environment for SAP applications. ABAP...
freeSSHd 1.0.9 Denial Of Service
!/usr/bin/perl use IO::Socket; Exploit Title: freeSSHd 1.0.9 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 13 january 2024 Vendor Homepage: N/A Download to demo: Notification vendor: No reported Tested Version: freeSSHd 1.0.9 - Denial of Service DoS Tested on: Window XP...
Denial Of Service (DoS)
libde265.so is vulnerable to Denial of Service DoS. The vulnerability is due to the slicesegmentheader function in the slice.cc component. An attacker is able to cause a DoS condition by crafting a specially crafted file and tricking the system into processing it. This could disrupt service on th...
Denial Of Service (DoS)
squid gitlab is vulnerable to Denial of Service DoS. An attacker could exploit this vulnerability by sending a specially crafted HTTP request to a vulnerable Squid instance. The request would cause Squid to consume excessive resources and crash, which would prevent legitimate users from being abl...
Denial Of Service (DoS)
openssl gitlab is vulnerable to Denial of Service DoS. An attacker could exploit this vulnerability by tricking a user into processing a specially crafted DH key or parameter. The vulnerable application would then attempt to generate or check the DH key or parameter, which would consume excessive...
CVE-2023-3603
A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticat...
Siemens SICAM P850 and SICAM P855 Improper Neutralization of Input During Web Page Generation (CVE-2022-29882)
A vulnerability has been identified in SICAM P850 All versions V3.00, SICAM P855 All versions V3.00. Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses th...
Spoofing
A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. Affected Products: EcoStruxure™ Cybersecurity Admin Expert CAE Versions prior to 2.2...
CVE-2022-2569
The affected device stores sensitive information in cleartext, which may allow an authenticated user to access session data stored in the OAuth database belonging to legitimate users...
CVE-2022-2569 ARC Informatique PcVue
The affected device stores sensitive information in cleartext, which may allow an authenticated user to access session data stored in the OAuth database belonging to legitimate users...
CVE-2022-31803
In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connectio...
SAP SQL Anywhere Denial of Service Vulnerability
SAP SQL Anywhere is an SAP-specific relational database management system from SAP, a German company. SAP SQL Anywhere suffers from a denial-of-service vulnerability that can be exploited by an authenticated attacker to crash the server and prevent legitimate users from accessing the SQL Anywhere...