GHSA-7HMV-4J2J-PP6F PocketMine-MP: Network amplification vulnerability with `ActorEventPacket`

Impact The server handles ActorEventPacket to trigger consuming animations from vanilla clients when they eat food or drink potions. This can be abused to make the server spam other clients, and to waste server CPU and memory. For every ActorEventPacket sent by the client, an animation event will...

Insufficient Control of Network Message Volume (Network Amplification)

Overview pocketmine/pocketmine-mp is a highly customisable, open source server software for Minecraft: Bedrock Edition written in PHP Affected versions of this package are vulnerable to Insufficient Control of Network Message Volume Network Amplification in the handling of ActorEventPacket. An...

RHEL 7 : memcached (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - memcached: Integer Overflow in items.c:itemfree CVE-2018-1000127 - The tryreadcommand function in...

RHEL 7 : memcached (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - memcached: Integer Overflow in items.c:itemfree CVE-2018-1000127 - The tryreadcommand function in...

K63525027: Memcached vulnerability CVE-2018-1000115

Security Advisory Description Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume Network Amplification, CWE-406 vulnerability in the UDP support of the memcached server that can result in denial of service via network flood traffic amplification of 1:50,000 has bee...

SUSE CVE-2007-2242

The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers IPV6RTHDRTYPE0 that create network amplification between two routers...

SUSE CVE-2018-1000115

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume Network Amplification, CWE-406 vulnerability in the UDP support of the memcached server that can result in denial of service via network flood traffic amplification of 1:50,000 has been reported by reliable sources...

CVE-2014-125036 drybjed ansible-ntp main.yml amplification

A vulnerability, which was classified as problematic, has been found in drybjed ansible-ntp. Affected by this issue is some unknown functionality of the file meta/main.yml. The manipulation leads to insufficient control of network message volume. The attack can only be done within the local...

CVE-2021-38429 OCI OpenDDS Secure Network Amplification

OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition and information exposure...

CVE-2021-38429 OCI OpenDDS Secure Network Amplification

OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition and information exposure...

CVE-2021-38425 eProsima Fast DDS Network Amplification

eProsima Fast DDS versions prior to 2.4.0 2269 are susceptible to exploitation when an attacker sends a specially crafted packet to flood a target device with unwanted traffic, which may result in a denial-of-service condition and information exposure...

CVE-2021-38425 eProsima Fast DDS Network Amplification

eProsima Fast DDS versions prior to 2.4.0 2269 are susceptible to exploitation when an attacker sends a specially crafted packet to flood a target device with unwanted traffic, which may result in a denial-of-service condition and information exposure...

CVE-2021-43547 TwinOaks Computing CoreDX DDS Secure Network Amplification

TwinOaks Computing CoreDX DDS versions prior to 5.9.1 are susceptible to exploitation when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure...

CVE-2021-38487 Potential Network Amplification and Information Exposure in RTI Connext Professional and Connext Micro

RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure...

CVE-2021-38487 Potential Network Amplification and Information Exposure in RTI Connext Professional and Connext Micro

RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure...

SUSE: Security Advisory (SUSE-SU-2018:0955-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Acronis: Blind SSRF vulnerability on cz.acronis.com

Vulnerability description not provided...

Huawei EulerOS: Security Advisory for memcached (EulerOS-SA-2020-2208)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.2.0 : unbound (EulerOS-SA-2020-1971)

According to the versions of the unbound package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in unbound in versions prior to 1.10.1. An infinite loop can be created when malformed DNS answers ar...

EulerOS Virtualization 3.0.6.0 : memcached (EulerOS-SA-2020-1784)

According to the versions of the memcached package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume Network Amplification, CWE-406 vulnerability...