Lucene search
K

7 matches found

Snyk
Snyk
added 2026/06/09 5:5 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

8.7CVSS5.3AI score0.0243EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 7:10 p.m.8 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop in the FormDataReader.ProcessFormKeys function when a form key contains an opening without a matching . An attacker can cause the application to become unresponsive by sending specially crafted network requests that trigge...

8.7CVSS5.8AI score0.0243EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 11:27 p.m.11 views

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

8.7CVSS6.2AI score0.02279EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/08 2:41 p.m.7 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the msdia140.dll process. An attacker can execute arbitrary code by supplying specially crafted input that triggers an integer overflow and subsequent heap-bas...

7.5CVSS8.7AI score0.01764EPSS
Exploits0References2
Snyk
Snyk
added 2024/05/14 8:30 p.m.5 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to a stack buffer overrun in the Double Parse routine. An attacker can execute arbitrary code by supplying a specially crafted input that triggers the buffer overrun. Remediation Upgrade...

6.3CVSS8AI score0.01248EPSS
Exploits0References2
Snyk
Snyk
added 2024/02/13 7:49 p.m.8 views

Resource Exhaustion

Overview Affected versions of this package are vulnerable to Resource Exhaustion due to improper handling of certain requests in applications using SignalR. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users...

7.5CVSS7AI score0.024EPSS
Exploits0References2
Snyk
Snyk
added 2022/10/21 8:29 p.m.5 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when the Kestrel web server processes certain HTTP/2 and HTTP/3 requests. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users...

7.5CVSS7.9AI score0.03739EPSS
Exploits0References2
Rows per page
Query Builder