Lucene search
K

5103 matches found

RedHat Linux
RedHat Linux
added 2020/03/23 8:21 a.m.2 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8CVSS7.2AI score0.58373EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2020/01/29 3:27 p.m.258 views

Critical Flaws in Magento e-Commerce Platform Allow Code-Execution

Critical vulnerabilities in Adobe’s Magento e-commerce platform – a favorite target of the Magecart cybergang – could lead to arbitrary code execution. Adobe issued patches on Tuesday as part of its overall release of the Magento 2.3.4 upgrade, giving the fixes a “priority 2” rating. In Adobe...

10CVSS1.5AI score0.13964EPSS
Exploits1References11
UbuntuCve
UbuntuCve
added 2020/01/28 3:15 p.m.22 views

CVE-2013-1437

Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value...

9.8CVSS7.6AI score0.02943EPSS
Exploits0References1
OSV
OSV
added 2020/01/23 4:57 p.m.4 views

USN-4233-2 gnutls28 update

USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFYALLOWBROKEN and %VERIFYALLOWSIGNWITHSHA1 priority strings that can be used to temporarily re-enable SHA1 until...

5.8AI score
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2019-1650)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.06593EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.40 views

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2017-1224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.04028EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2020/01/14 2:52 p.m.4 views

Adobe Releases First 2020 Patch Tuesday Software Updates

Adobe today released software updates to patch a total of 9 new security vulnerabilities in two of its widely used applications, Adobe Experience Manager and Adobe Illustrator. It's the first Patch Tuesday for the year 2020 and one of the lightest patch releases in a long time for Adobe users...

6.3AI score
Exploits0
UbuntuCve
UbuntuCve
added 2019/12/20 3:15 p.m.14 views

CVE-2012-6111

gnome-keyring does not discard stored secrets when using gnomekeyringlockallsync function...

7.5CVSS7.1AI score0.01541EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2019/12/18 6:32 p.m.41 views

Google Offers Financial Support to Open Source Projects for Cybersecurity

Besides rewarding ethical hackers from its pocket for responsibly reporting vulnerabilities in third-party open-source projects, Google today announced financial support for open source developers to help them arrange additional resources, prioritizing the security of their products. The...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/12/03 12:0 a.m.39 views

EulerOS Virtualization for ARM 64 3.0.3.0 : haproxy (EulerOS-SA-2019-2329)

According to the versions of the haproxy package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missing...

7.5CVSS6.5AI score0.06593EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/26 8:1 p.m.2 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8CVSS7.2AI score0.58373EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/11/26 7:58 p.m.4 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8CVSS7.2AI score0.58373EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/11/26 7:57 p.m.4 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8CVSS7.2AI score0.58373EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/11/26 7:57 p.m.3 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8CVSS7.2AI score0.58373EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/11/20 4:22 p.m.1 views

HTTP/2: flood using PRIORITY frames results in excessive resource consumption

A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.82017EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/11/20 4:22 p.m.1 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8CVSS7.2AI score0.58373EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/11/20 4:14 p.m.1 views

HTTP/2: flood using PRIORITY frames results in excessive resource consumption

A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.82017EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/11/20 4:14 p.m.6 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8CVSS7.2AI score0.58373EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/11/20 4:8 p.m.4 views

HTTP/2: flood using PRIORITY frames results in excessive resource consumption

A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.82017EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/11/20 4:8 p.m.5 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8CVSS7.2AI score0.58373EPSS
Exploits0References8
Rows per page
Query Builder