1880 matches found
PYSEC-2019-179
The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656...
CVE-2019-1010083
The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656...
CVE-2019-1010083
CVE-2019-1010083 affects the Pallets Project Flask before 1.0, where crafted encoded JSON data can cause unexpected memory usage leading to denial of service. The fix is upgrading to Flask 1.0 (or later). This entry may overlap with CVE-2018-1000656 per multiple sources.
PT-2019-11460 · Pallets +1 · Flask +1
Name of the Vulnerable Software and Affected Versions: The Pallets Project Flask versions prior to 1.0. Description: The issue is related to unexpected memory usage, which can lead to denial of service. The attack vector involves crafted encoded JSON data. Recommendations: For versions prior to 1....
LiveZilla Server Denial of Service Vulnerability
LiveZilla Server is a free online customer service system from LiveZilla Germany. The system provides real-time monitoring of visitors, offline messages, GeoTracking map tracking, access statistics, online chat and other features. A denial of service vulnerability exists in the knowledgebase.php...
CocoaDebug - iOS Debugging Tool
iOS Debugging Tool. Shake to hide or show the black bubble (supports both device and simulator). Long press the black bubble to show UIDebuggingInformationOverlay (Apple's private API, supports iOS 10/11/12). Application memory usage and FPS. List all print and NSLog messages which have been written by...
Nginx 1.15.x < 1.15.6 Multiple Vulnerabilities
According to its Server response header, the installed version of nginx is 1.x prior to 1.14.1 or 1.15.x prior to 1.15.6. It is, therefore, affected by the following issues: - An unspecified error exists related to the module 'ngx_http_v2_module' that allows excessive memory usage. CVE-2018-16843 -...
Nginx 1.x < 1.14.1 Multiple Vulnerabilities
According to its Server response header, the installed version of nginx is 1.x prior to 1.14.1 or 1.15.x prior to 1.15.6. It is, therefore, affected by the following issues: - An unspecified error exists related to the module 'ngx_http_v2_module' that allows excessive memory usage. CVE-2018-16843 -...
Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability
A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition...
Security update for python-Flask (low)
openSUSE Security Update: Security update for python-Flask Announcement ID: openSUSE-SU-2019:1112-1 Rating: low References: 1106279 Cross-References: CVE-2018-1000656 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...
UBUNTU-CVE-2018-12545
In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations require...
openSUSE Security Update : python-Django (openSUSE-2019-614)
This update for python-Django to version 2.08 fixes the following issues: The following security vulnerability was fixed: - CVE-2018-14574: Fixed a redirection vulnerability in CommonMiddleware boo1102680 The following other bugs were fixed: - Fixed a regression in Django 2.0.7 that broke the...
SUSE-SU-2019:0657-1 Security update for python-Flask
This update for python-Flask to version 0.12.4 fixes the following issues: Security issue fixed: - CVE-2018-1000656: Fixed an improper input validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. bsc1106279...
PT-2019-3473 · Apache +8 · Apache Traffic Server +9
Name of the Vulnerable Software and Affected Versions: Apache Traffic Server (affected versions not specified); Apache HTTP Server (affected versions not specified); Node.js (affected versions not specified). Description: The issue is related to errors in the mechanism controlli...
MGASA-2019-0086 Updated python-django packages fix security vulnerability
If django.utils.numberformat.format -- used by contrib.admin as well as the floatformat, filesizeformat, and intcomma template filters -- received a Decimal with a large number of digits or a large exponent, it could lead to significant memory usage due to a call to '{:f}'.format CVE-2019-6975...
The vulnerability of the Libvirt virtualization management library, related to a bug that leads to excessive memory consumption, allows a hacker to trigger a service failure.
The vulnerability of the Libvirt virtualization management library is related to an error that causes excessive memory consumption when processing large data streams by QEMU. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
CVE-2018-6981
CVE-2018-6981 describes an uninitialized stack memory issue in the vmxnet3 virtual network adapter that could allow a guest to execute code on the host. Affected VMware products include ESXi 6.7 (without ESXi670-201811401-BG), ESXi 6.5 (without ESXi650-201811301-BG), ESXi 6.0 (without ESXi600-201...
[SECURITY] Fedora 29 Update: nginx-1.14.1-2.fc29
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...