Lucene search
+L

169 matches found

Tenable Nessus
Tenable Nessus
added 2020/07/24 12:0 a.m.45 views

MySQL Enterprise Monitor 4.x < 4.0.10 / 8.x < 8.0.15 DoS (Jul 2019 CPU)

A denial of service DoS vulnerability exists in MySQL Enterprise Monitor due the use of a vulnerable Spring Framework version. Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for rang...

7.5CVSS7.3AI score0.09513EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/07/23 3:10 p.m.4 views

springframework: DoS Attack via Range Requests

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS7.2AI score0.09513EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2020/06/15 7:34 p.m.83 views

Denial of Service in Spring Framework

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS2AI score0.09513EPSS
Exploits0References23Affected Software1
OSV
OSV
added 2020/06/15 7:34 p.m.36 views

GHSA-FFVQ-7W96-97P7 Denial of Service in Spring Framework

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS7.2AI score0.09513EPSS
Exploits0References23
RedHat Linux
RedHat Linux
added 2020/03/26 3:46 p.m.6 views

springframework: DoS Attack via Range Requests

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS7.2AI score0.09513EPSS
Exploits0References5
OSV
OSV
added 2018/11/03 11:55 a.m.5 views

MGASA-2018-0430 Updated lighttpd packages fix security vulnerabilities

Updated lighttpd package fixes security vulnerabilities: Potential path traversal with specific configs or in some use cases in modalias. use-after-free invalid Range requests in core. Process headers after combining folded headers in core. Skip username "." and ".." in moduserdir...

7.3AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2018/10/25 12:49 p.m.35 views

CVE-2018-15756

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS1.4AI score0.09513EPSS
Exploits0References2
NVD
NVD
added 2018/10/18 10:29 p.m.27 views

CVE-2018-15756

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS7.3AI score0.09513EPSS
Exploits0References21
Prion
Prion
added 2018/10/18 10:29 p.m.24 views

Denial of service

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

5CVSS8.1AI score0.09513EPSS
Exploits0References21Affected Software40
OSV
OSV
added 2018/10/18 10:29 p.m.36 views

CVE-2018-15756

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS7AI score0.09513EPSS
Exploits0References21
OSV
OSV
added 2018/10/18 10:29 p.m.3 views

DEBIAN-CVE-2018-15756

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS8.6AI score0.09513EPSS
Exploits0References1
OSV
OSV
added 2018/10/18 10:29 p.m.3 views

UBUNTU-CVE-2018-15756

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS7.2AI score0.09513EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/10/18 10:0 p.m.35 views

CVE-2018-15756 DoS Attack via Range Requests

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS8.2AI score0.09513EPSS
Exploits0References21
Debian CVE
Debian CVE
added 2018/10/18 10:0 p.m.37 views

CVE-2018-15756

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controlle...

7.5CVSS7.4AI score0.09513EPSS
Exploits0
OSV
OSV
added 2018/08/29 1:29 p.m.3 views

DEBIAN-CVE-2018-8005

When there are multiple ranges in a range request, Apache Traffic Server ATS will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgra...

5.3CVSS6.8AI score0.06895EPSS
Exploits0References1
OSV
OSV
added 2018/08/29 1:29 p.m.4 views

UBUNTU-CVE-2018-8005

When there are multiple ranges in a range request, Apache Traffic Server ATS will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgra...

5.3CVSS7.1AI score0.06895EPSS
Exploits0References6
Jake Archibald's Blog
Jake Archibald's Blog
added 2018/06/20 2:17 p.m.182 views

I discovered a browser bug

I accidentally discovered a huge browser bug a few months ago and I'm pretty excited about it. Security engineers always seem like the "cool kids" to me, so I'm hoping that now I can be part of the club, and y'know, get into the special parties or whatever. I've noticed that a lot of these securi...

4.3CVSS6.5AI score0.02673EPSS
Exploits0
Jake Archibald's Blog
Jake Archibald's Blog
added 2018/06/20 2:17 p.m.48 views

I discovered a browser bug

I accidentally discovered a huge browser bug a few months ago and I'm pretty excited about it. Security engineers always seem like the "cool kids" to me, so I'm hoping that now I can be part of the club, and y'know, get into the special parties or whatever. I've noticed that a lot of these securi...

4.3CVSS6.5AI score0.02673EPSS
Exploits0
OSV
OSV
added 2018/02/08 6:29 p.m.5 views

CVE-2017-17657

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup TimeRange method requests. The issue result...

9.8CVSS6.2AI score0.03933EPSS
Exploits0References1
Veracode
Veracode
added 2017/06/21 8:40 a.m.11 views

Denial Of Service (DoS)

net/http in github.com/golang/go is vulnerable to denial of service DoS attacks. The attacks are possible because it does not check the range requests to make sure the total number of bytes in all the ranges is not larger than or equal to the size of the file...

6.4AI score
Exploits0
Rows per page
Query Builder