Lucene search
K

283 matches found

CNNVD
CNNVD
added 2024/08/16 12:0 a.m.6 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from a cross-site...

5.4CVSS6.3AI score0.00248EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2024/07/31 7:4 p.m.44 views

K000140528: BIND vulnerability CVE-2024-0760

Security Advisory Description A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions...

7.5CVSS8.1AI score0.0468EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/07/23 2:26 p.m.35 views

CVE-2024-0760 A flood of DNS messages over TCP may make the server unstable

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0...

7.5CVSS6.9AI score0.0468EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/23 2:26 p.m.280 views

CVE-2024-0760 A flood of DNS messages over TCP may make the server unstable

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0...

7.5CVSS0.0468EPSS
Exploits0References3
CVE
CVE
added 2024/07/23 2:26 p.m.350 views

CVE-2024-0760

CVE-2024-0760 affects ISC BIND 9, specifically versions 9.18.1–9.18.27, 9.19.0–9.19.24, and 9.18.11-S1–9.18.27-S1. Description: a malicious client can flood the server with DNS messages over TCP, potentially destabilizing the server; recovery is possible after the attack stops. Impact is availabi...

7.5CVSS7.5AI score0.0468EPSS
Exploits0References4
OSV
OSV
added 2024/07/23 12:0 a.m.7 views

UBUNTU-CVE-2024-0760

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0...

7.5CVSS7.2AI score0.0468EPSS
Exploits0References3
Veracode
Veracode
added 2024/07/04 11:24 a.m.13 views

URL Rewrite

zendframework/zendframework is vulnerable to URL Rewrite. The vulnerability is due to the request URI marshaling logic that introspects HTTP request headers specific to server-side URL rewrite mechanisms. When these headers are present on systems not running the specific URL rewriting mechanism,...

7.2AI score
Exploits0
Amazon
Amazon
added 2024/06/24 12:0 a.m.21 views

Medium: iperf3

Issue Overview: It is possible for a malicious or malfunctioning client to send less than the expected amount of data to the server. If this happens, the server will hang indefinitely waiting for the remainder or until the connection gets closed. Because iperf3 is deliberately designed to service...

5.3CVSS5.9AI score0.00932EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/24 12:0 a.m.26 views

Amazon Linux 2 : iperf3 (ALAS-2024-2579)

The version of iperf3 installed on the remote host is prior to 3.1.7-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2579 advisory. It is possible for a malicious or malfunctioning client to send lessthan the expected amount of data to the server. If this happens,...

5.3CVSS6.1AI score0.00932EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/06/07 10:7 p.m.23 views

Zend-Diactoros URL Rewrite vulnerability

zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...

7.2AI score
Exploits0References5Affected Software1
OSV
OSV
added 2024/06/07 10:1 p.m.27 views

GHSA-JMMP-VH96-78RM Zend-Feed URL Rewrite vulnerability

zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...

7.5CVSS7.2AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/06/07 10:1 p.m.25 views

Zend-Feed URL Rewrite vulnerability

zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...

7.2AI score
Exploits0References5Affected Software1
OSV
OSV
added 2024/06/07 9:52 p.m.10 views

GHSA-CG8W-5JRC-675G Zend-HTTP URL Rewrite vulnerability

zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...

7.5CVSS7.2AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/06/07 9:52 p.m.18 views

Zend-HTTP URL Rewrite vulnerability

zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...

7.2AI score
Exploits0References5Affected Software1
OSV
OSV
added 2024/06/07 8:55 p.m.8 views

GHSA-FH7R-58Q4-6387 Zendframework URL Rewrite vulnerability

zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...

4.7CVSS7.2AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/04 8:54 a.m.11 views

CVE-2024-5000 CODESYS: Incorrect calculation of buffer size can cause DoS on CODESYS OPC UA products

An unauthenticated remote attacker can use a malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer size...

7.5CVSS7.2AI score0.00569EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/05/22 9:48 a.m.4 views

moby/buildkit: Possible race condition with accessing subpaths from cache mounts

A vulnerability was found in the Moby Builder Toolkit. A malicious BuildKit client or any frontend that can craft a request could lead to the BuildKit daemon crashing with a panic due to the lack of input validation. A frontend is usually specified as the syntax line on a Dockerfile or with the...

5.3CVSS7.1AI score0.00957EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/05/15 12:0 a.m.32 views

Amazon Linux 2 : edk2 (ALAS-2024-2539)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2539 advisory. Issue summary: Some non-default TLS server configurations can cause unboundedmemory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to...

5.9CVSS6.5AI score0.54026EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.23 views

Fedora 40 : doctl (2023-72ab10f1de)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-72ab10f1de advisory. Automatic update for doctl-1.101.0-2.fc40. Changelog Sat Dec 9 2023 Mikel Olasagasti Uranga - Update to 1.101.0 - Closes rhbz2253730 rhbz2248265 Tenable has...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
NVD
NVD
added 2024/04/19 3:15 p.m.16 views

CVE-2023-49275

Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when analysisd receives a syscollector message with th...

6.5CVSS6.3AI score0.00881EPSS
Exploits1References3
Rows per page
Query Builder