17 matches found

RedHat Linux
added 2026/02/17 9:32 a.m., 4 views

nodejs: Nodejs denial of service

A denial of service flaw has been discovered in NodeJS. A malformed HTTP/2 HEADERS frame with oversized, invalid HPACK data can cause Node.js to crash by triggering an unhandled TLSSocket error ECONNRESET. Instead of safely closing the connection, the process crashes, enabling a remote denial of...

CVSS 7.5, AI score 5.8, EPSS 0.00109
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2009-5122

Malware in sbrugna...

CVSS 9.3, AI score 6.4, EPSS 0.62604
Exploits: 0, References: 6

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-25446

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.3, EPSS 0.00306
Exploits: 0, References: 4

RedhatCVE
added 2025/09/01 2:16 p.m., 2 views

CVE-2009-20009

Belkin Bulldog Plus version 4.0.2 build 1219 contains a stack-based buffer overflow vulnerability in its web service authentication handler. When a specially crafted HTTP request is sent with an oversized Authorization header, the application fails to properly validate the input length before...

CVSS 9.3, AI score 8.6, EPSS 0.62604
Exploits: 0, References: 1

Snyk
added 2025/08/21 3:43 p.m., 2 views

Allocation of Resources Without Limits or Throttling

Overview: vllm is a high-throughput and memory-efficient inference and serving engine for LLMs. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to an HTTP GET request with an extremely large header being sent. An attacker can exhaust...

CVSS 8.7, AI score 7, EPSS 0.00306
Exploits: 0, References: 2

OSV
added 2025/08/21 2:41 p.m., 1 view

CVE-2025-48956 vLLM API endpoints vulnerable to Denial of Service Attacks

vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.10.1.1, a Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large header to an HTTP endpoint. This results in server memory exhaustion,...

CVSS 7.5, AI score 6.5, EPSS 0.00306
Exploits: 0, References: 5

RedHat Linux
added 2024/04/11 5:0 p.m., 3 views

squid: denial of service in HTTP request parsing

A flaw was found in Squid, which is susceptible to a Denial of Service (DoS) due to an Uncontrolled Recursion bug, specifically targeting HTTP Request parsing. Exploiting this issue involves a remote client initiating a DoS attack by sending an oversized X-Forwarded-For header when the...

CVSS 8.6, AI score 5.8, EPSS 0.01147
Exploits: 0, References: 7

RedHat Linux
added 2024/03/19 2:13 p.m., 3 views

squid: denial of service in HTTP request parsing

A flaw was found in Squid, which is susceptible to a Denial of Service (DoS) due to an Uncontrolled Recursion bug, specifically targeting HTTP Request parsing. Exploiting this issue involves a remote client initiating a DoS attack by sending an oversized X-Forwarded-For header when the...

CVSS 8.6, AI score 5.8, EPSS 0.01147
Exploits: 0, References: 7

RedHat Linux
added 2024/03/05 6:4 p.m., 4 views

squid: denial of service in HTTP request parsing

A flaw was found in Squid, which is susceptible to a Denial of Service (DoS) due to an Uncontrolled Recursion bug, specifically targeting HTTP Request parsing. Exploiting this issue involves a remote client initiating a DoS attack by sending an oversized X-Forwarded-For header when the...

CVSS 8.6, AI score 5.8, EPSS 0.01147
Exploits: 0, References: 7

RedHat Linux
added 2024/02/12 8:44 a.m., 4 views

squid: denial of service in HTTP request parsing

A flaw was found in Squid, which is susceptible to a Denial of Service (DoS) due to an Uncontrolled Recursion bug, specifically targeting HTTP Request parsing. Exploiting this issue involves a remote client initiating a DoS attack by sending an oversized X-Forwarded-For header when the...

CVSS 8.6, AI score 5.8, EPSS 0.01147
Exploits: 0, References: 7

CNNVD
added 2023/12/14 12:0 a.m., 1 view

Squid security vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in Squid versions 2.6 through 2.7.STABLE9, 3.1 through 5.9, and 6.0.1 through 6.5, whi...

CVSS 8.6, AI score 8.4, EPSS 0.01147
Exploits: 0, References: 7

SUSE CVE
added 2023/02/15 4:59 a.m., 1 view

SUSE CVE-2016-6817

The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible...

CVSS 7.5, AI score 8.7, EPSS 0.00759
Exploits: 1, References: 4

OSV
added 2018/05/15 12:29 a.m., 0 views

UBUNTU-CVE-2018-11095

The decompileJUMP function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact...

CVSS 8.8, AI score 7.4, EPSS 0.00493
Exploits: 0, References: 4

securityvulns
added 2013/06/04 12:0 a.m., 33 views

Monkey HTTPD security vulnerabilities

Crash on NULL byte in request. Buffer overflow on oversized header...

CVSS 6.8, AI score 2.4, EPSS 0.4015
Exploits: 5, References: 2, Affected Software: 1

securityvulns
added 2009/03/17 12:0 a.m., 37 views

yaws Web server DoS

DoS via HTTP request with oversized header...

CVSS 5, AI score 2, EPSS 0.19531
Exploits: 6, References: 1, Affected Software: 1

securityvulns
added 2003/11/25 12:0 a.m., 28 views

Pan DoS

DoS on reading article with oversized header...

AI score 2.2
Exploits: 0, References: 1

securityvulns
added 2003/04/23 12:0 a.m., 35 views

Microsoft IIS local ASP DoS

Insertion of oversized header line via Response.AddHeader causes server to crash...

AI score 2.8
Exploits: 0, References: 1, Affected Software: 1