14 matches found
CVE-2026-22925
A vulnerability has been identified in SIMATIC CN 4100 All versions V5.0. The affected application is susceptible to resource exhaustion when subjected to high volume of TCP SYN packets This could allow an attacker to render the service unavailable and cause denial-of-service conditions by...
Cisco Secure Firewall Adaptive Security Appliance Software TCP Flood Denial of Service Vulnerability
A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause incoming TCP SYN packets to be dropped incorrectly. This vulnerability is due to improper handling of new,...
CVE-2026-1875
Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allows a remote attacker to cause a denial-of-service DoS condition on the products by continuously sending UDP packets to the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001178)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001178 advisory. The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote...
Streamlining HTTP Flooding Attack Detection through Incremental Feature Selection
Applications over the Web primarily rely on the HTTP protocol to transmit web pages to and from systems. There are a variety of application layer protocols, but among all, HTTP is the most targeted because of its versatility and ease of integration with online services. The attackers leverage the...
Important: ecs-service-connect-agent
Issue Overview: Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a server can be tricked into adding an upgrade header into a response. Per RFC https://www.rfc-editor.org/rfc/rfc7230section-6.7 a server sends 101 wh...
Memcached 资源管理错误漏洞
Memcached is the United States Brad Fitzpatrick Brad Fitzpatrick individual developers of a high-performance distributed memory object caching system. The system reduces the number of database reads by caching data and objects in memory, thus increasing the speed of website access. A security...
HTTP/2: flood using PRIORITY frames results in excessive resource consumption
A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability...
UBUNTU-CVE-2019-10079
Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traffic Server didn't limit the number of setting frames sent from the client using the HTTP/2 protocol. Users should upgrade to Apache Traffic Server 7.1.7, 8.0.4, or later versions...
Junos OS: Nexthop index allocation failed: private index space exhausted after incoming ARP requests to management interface
A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP requests, sent to the management interface, to exhaust the private Internal routing interfaces IRIs next-hop limit. Once the IRI next-hop database is full, no further next hops can be learned and existin...
DEBIAN-CVE-2018-7286
An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. respjsip allows remote authenticated users to crash Asterisk segmentation fault by sending a number of SIP INVITE messages on a TCP or TLS connection and...
Digium Asterisk Open Source and Certified Asterisk 'INVITE' Denial of Service Vulnerabilities
Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. A denial of service vulnerability exists in...
The vulnerability of the embedded software on FANUC 32i numerical control machines allows a malicious individual to disrupt the TCP/IP stack’s operation and cause malfunctions during maintenance.
The software of FANUC 32i numerical control machines contains a vulnerability that makes the software vulnerable to ICMP Flood attacks. Exploiting this vulnerability allows a malicious individual to disrupt the TCP/IP stack and cause service failures...
PT-2004-1001 · Fanuc +7 · Fanuc 32I +8
Name of the Vulnerable Software and Affected Versions: Transmission Control Protocol TCP affected versions not specified FANUC 32i affected versions not specified All Cisco products which contain a TCP stack affected versions not specified FortiOS affected versions not specified Description: The...