Lucene search
K

61 matches found

RedHat Linux
RedHat Linux
added 2025/03/05 2:29 p.m.4 views

django: potential denial-of-service vulnerability in IPv6 validation

A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions cleanipv6address and isvalidipv6address were vulnerable, as was the...

7.5CVSS7.1AI score0.01854EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.10 views

PT-2025-8660 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A signed integer overflow issue has been identified in the Linux kernel, specifically in the ipv6 component, related to the l2tp ip6 sendmsg function. This occurs when the length len i...

7.8CVSS8AI score0.93838EPSS
Exploits22References491
OSV
OSV
added 2025/01/14 6:54 p.m.5 views

CVE-2025-23041 Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length in Umbraco.Forms

Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade...

5.8CVSS6.8AI score0.00363EPSS
Exploits0References3
OSV
OSV
added 2025/01/11 1:15 p.m.11 views

UBUNTU-CVE-2024-53685

In the Linux kernel, the following vulnerability has been resolved: ceph: give up on paths longer than PATHMAX If the full path to be built by cephmdscbuildpath happens to be longer than PATHMAX, then this function will enter an endless retry loop, effectively blocking the whole task. Most of the...

5.5CVSS6.2AI score0.00217EPSS
Exploits0References33
Cvelist
Cvelist
added 2024/07/16 11:43 a.m.33 views

CVE-2022-48806 eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX

In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 "i2c: i801: Don't silently correct invalid transfer size" revealed that ee1004eepromread did not properly limit how many bytes to read at once. In particular...

0.00281EPSS
Exploits0References5
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.7 views

Gas Cost Vulnerability

Lines of code Vulnerability details The fuse function iterates through the provided characterList to check for duplicate characters and validate the trays. If the length of characterList is too high, the gas cost for executing the fuse function will also be high, potentially reaching the block ga...

7.2AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.4 views

SUSE CVE-2016-7944

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INTMAX, which triggers the client to stop reading data and get out of sync...

9.8CVSS8.1AI score0.03395EPSS
Exploits0References7
OSV
OSV
added 2022/02/16 9:15 p.m.4 views

ALPINE-CVE-2021-43303

Buffer overflow in PJSUA API when calling pjsuacalldump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied...

9.8CVSS7.4AI score0.02376EPSS
Exploits0References1
OSV
OSV
added 2022/02/16 9:15 p.m.3 views

DEBIAN-CVE-2021-43303

Buffer overflow in PJSUA API when calling pjsuacalldump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied...

9.8CVSS9AI score0.02376EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/09/21 12:0 a.m.3 views

CVE-2021-41531

NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA. This will lead to RTR clients such as routers to reject the RPKI data set, effectively disabling Route Origin Validation...

7.5CVSS7.1AI score0.009EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/02/05 12:0 a.m.7 views

PT-2022-20313 · Lighttpd +1 · Lighttpd +1

Name of the Vulnerable Software and Affected Versions: Lighttpd versions 1.4.56 through 1.4.58 Description: The issue allows a remote attacker to cause a denial of service due to CPU consumption from stuck connections. This is because a typo in the connection read header more function in...

7.5CVSS7.2AI score0.56418EPSS
Exploits3References17
OSV
OSV
added 2019/08/30 9:15 a.m.5 views

CVE-2019-1969

A vulnerability in the implementation of the Simple Network Management Protocol SNMP Access Control List ACL feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The...

5.3CVSS6.1AI score0.01365EPSS
Exploits0References1
Hacker One
Hacker One
added 2017/06/06 5:15 a.m.22 views

Mixmax: no string size restriction on team name

To limit unintended effects across our UI and infrastructure, we put a maximum length on team names...

2.2AI score
Exploits0
Hacker One
Hacker One
added 2017/04/26 12:17 a.m.26 views

Weblate: Specify maximal length in new comment

Hi, I tried to put this new comment in a translation and I got error. Message: asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk jashkdsakdj asjdk jsahd jkhsahdk...

Exploits0
OSV
OSV
added 2016/12/13 8:59 p.m.4 views

UBUNTU-CVE-2016-7944

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INTMAX, which triggers the client to stop reading data and get out of sync...

9.8CVSS7.3AI score0.03395EPSS
Exploits0References5
Nmap
Nmap
added 2016/12/08 9:17 p.m.150 views

tso-brute NSE Script

TSO account brute forcer. This script relies on the NSE TN3270 library which emulates a TN3270 screen for NMAP. TSO user IDs have the following rules: - it cannot begin with a number - only contains alpha-numeric characters and @, , $. - it cannot be longer than 7 chars Script Arguments...

10CVSS9.2AI score0.99448EPSS
Exploits33
Tenable Nessus
Tenable Nessus
added 2016/07/14 12:0 a.m.14 views

Fedora 23 : php-symfony (2016-f36247d441)

Version 2.7.13 2016-05-09 - security 18733 limited the maximum length of a submitted username fabpot - bug 18730 FrameworkBundle prevent calling get for servicecontainer service xabbuh - bug 18709 DependencyInjection top-level anonymous services must be public xabbuh - bug 18692 add Event...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/07/14 12:0 a.m.17 views

Fedora 24 : php-symfony (2016-224edc14dd)

Version 2.7.13 2016-05-09 - security 18733 limited the maximum length of a submitted username fabpot - bug 18730 FrameworkBundle prevent calling get for servicecontainer service xabbuh - bug 18709 DependencyInjection top-level anonymous services must be public xabbuh - bug 18692 add Event...

5.5AI score
Exploits0References1
Symfony
Symfony
added 2013/09/23 12:0 a.m.26 views

CVE-2013-5750: Security issue in FOSUserBundle login form

Django recently released a new version of their framework to address a possible DOS attack when an attacker uses a very long password on a login form. One of the best practices for passwords is to store a hash of the password instead of the raw value. In Symfony, the encoders are responsible for...

5CVSS5.8AI score0.01232EPSS
Exploits0
NVD
NVD
added 2010/06/08 12:30 a.m.18 views

CVE-2010-1849

The mynetskiprest function in sql/netserv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service CPU and bandwidth consumption by sending a large number of packets that exceed the maximum length...

5CVSS6.2AI score0.03723EPSS
Exploits1References12
Rows per page
Query Builder