25 matches found
Denial Of Service (DoS)
firefox is vulnerable to denial of service. Memory corruption due to missing sign-extension for ValueTags on ARM64 allows an attacker to crash the application...
DEBIAN-CVE-2020-11080
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...
CVE-2019-19484
Open redirect via parameter āpā in login.php in Centreon 19.04.4 and below allows an attacker to craft a payload and execute unintended behavior...
LFCMS 3.7.0 Cross Site Request Forgery
Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: administrator account can be added arbitrarily. Date: 2018-06-20 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203899.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html Version: 3.7.0 CVE :...
Aspen: No Rate Limit (Leads to huge email flooding/email bombing)
Dear sir, At first,i want to say that this sensitive action definitely should be set with rate limit. Note:-This is about huge bombing/brute force on any endpoints. Vulnerability:- -No rate limit has been set for generating account confirmation emails for accounts on above selected domain which i...