Lucene search
+L

4 matches found

nvd
nvd
added 2024/06/04 9:15 p.m.32 views

CVE-2024-32974

Envoy is a cloud-native, open source edge and service proxy. A crash was observed in EnvoyQuicServerStream::OnInitialHeadersComplete with following call stack. It is a use-after-free caused by QUICHE continuing push request headers after StopReading being called on the stream. As after StopReadin...

7.5CVSS5.8AI score0.00693EPSS
Exploits1References1
osv
osv
added 2023/12/19 2:15 p.m.4 views

CVE-2023-6868

In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. This bug only affects Firefox on Android. This vulnerability affects Firefox 121...

4.3CVSS7.3AI score0.00493EPSS
Exploits0References3
mozilla
mozilla
added 2023/12/19 12:0 a.m.153 views

Security Vulnerabilities fixed in Firefox 121 — Mozilla

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. Multiple NSS NIST curves were susceptible to a side-channel attack known as...

8.8CVSS9.1AI score0.20472EPSS
Exploits0References18Affected Software1
osv
osv
added 2022/05/17 12:13 a.m.16 views

GHSA-XFXV-F945-4QV6 JBoss RichFaces Improper Input Validation vulnerability

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service memory consumption and out-of-memory error via a large number of malformed atmosphere push requests...

4.3CVSS8.9AI score0.01463EPSS
Exploits3References7
Rows per page
Query Builder