1881 matches found
CVE-2021-22883
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unabl...
Design/Logic Flaw
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unabl...
CVE-2021-22883
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unabl...
CVE-2021-22883
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unabl...
Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
RHEL 8 : java-1.8.0-ibm (RHSA-2021:0530)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0530 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...
Apache Thrift 资源管理错误漏洞
Apache Thrift is a scalable cross-language service development framework. A denial of service vulnerability exists in Apache Thrift that allows malicious RPC clients to send ultra-short messages, allocate extremely large memory allocations, and can crash applications. No detailed vulnerability...
The memory usage for SoapServer and StreamService keeps increasing slowly in the PVS server
According to our observation, the memory usage for SoapServer and StreamService keeps increasing slowly in the PVS server. The whole memory usage of that server is low. memory usage meansPrivate Working Set + Shared Working Set...
CentOS 8 : java-1.8.0-openjdk (CESA-2020:4347)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4347 advisory. - OpenJDK: High memory usage during deserialization of Proxy class with many interfaces Serialization, 8236862 CVE-2020-14779 - OpenJDK: Credentials se...
CentOS 8 : java-11-openjdk (CESA-2020:4305)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4305 advisory. - OpenJDK: High memory usage during deserialization of Proxy class with many interfaces Serialization, 8236862 CVE-2020-14779 - OpenJDK: Credentials se...
CentOS 8 : java-11-openjdk (CESA-2020:2970)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2970 advisory. - OpenJDK: Incorrect handling of access control context in ForkJoinPool Libraries, 8237117 CVE-2020-14556 - OpenJDK: Excessive memory usage in ImageIO...
Heap overflow
On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC Modular Port Concentrator where Integrated Routing and Bridging IRB interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge CE device may cause memory leak...
Cisco Firepower Management Center XML Entity Extension Vulnerability
Cisco Firepower Management Center is the nerve center for managing Cisco network security solutions, improving the effectiveness of Cisco network security solutions by providing centralized, integrated, and simplified management. An XML entity extension vulnerability exists in the dashboard widge...
CVE-2020-35494
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils...
CVE-2020-35875
An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...
CVE-2020-35875
An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...
Design/Logic Flaw
An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...
CVE-2020-35875
An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...
CVE-2020-35875
An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...