7 matches found
CVE-2025-69199
Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.0, websockets within wings lack proper rate limiting and throttling. As a result a malicious user can open a large number of connections and then request data through these...
PT-2026-2490
Name of the Vulnerable Software and Affected Versions Go versions prior to 1.26 Release Candidate 3 Description The issue resides within the crypto/tls package, specifically during TLS session resumption. If the underlying Config object has its ClientCAs or RootCAs fields modified between the...
CVE-2023-29046
Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connections were logged. Some connections use user-controlled endpoints, which could be malicious and attempt to keep the connection open for an extended period of...
PT-2023-8498
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3 Description The issue is related to the IPv6 implementation in the Linux kernel, specifically with the net/ipv6/route.c file. It involves incorrect handling of boundary conditions, potentially allowing a remo...
CODESYS Gateway Server 资源管理错误漏洞
CODESYS Gateway Server is an extended CODESYS gateway from CODESYS Corporation that connects CODESYS automation servers to CODESYS PLCs in the local network. A resource management error vulnerability exists in CODESYS Gateway Server V2 that stems from insufficient inspection of TCP client...
CVE-2021-26111
A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exhaust available memory by sending specifically crafted LLDP/CDP/EDP packets to the device...
Amazon Linux AMI : bind (ALAS-2019-1244)
A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the pool of file descriptors available to named, potentially affecting network connections and the management of files such as log files or zone...