11 matches found
EUVD-2002-1855
Malware in sbrugna...
CVE-2025-41676
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession...
CVE-2002-1876
Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS...
Fedora 38 : golang-gvisor (2024-d652859efb)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d652859efb advisory. Update golang-gvisor to 20240408.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...
AZL-43741 CVE-2023-39325 affecting package nmi 1.8.17-6
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
Stripo Inc: Bypass of #1047119: Missing Rate Limit while creating Plug-Ins at https://my.stripo.email/cabinet/plugins/
Summary: I have found a bypass for the report https://hackerone.com/reports/1047119 It seems that a proper fix was not issued therefore the issue still remains. Steps To Reproduce: 1. Create a Plug-In and capture the request. 1. Send this to Intruder 1. Follow the rest in the Video POC. POC Video...
UA-Parser Denial of Service Vulnerability
UA-Parser is a multi-language port of the User Agent String Parser for BrowserScope. A denial of service vulnerability exists in UA-Parser 2015-05-14 and later versions. An attacker can exploit the vulnerability by sending a large number of requests quickly to cause a website to become unavailabl...
CVE-2016-2829
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission...
UBUNTU-CVE-2016-2829
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission...
Repeated attempts to access a target site can trigger address field spoofing – Opera Security Advisories
The browser address field should always show the correct address for the page that is currently being displayed. By making repeated requests to load a target site in rapid succession, an attacking web site can cause Opera to display the target sites address while the attacking page is still being...
DEBIAN-CVE-2008-5519
The JK Connector aka modjk 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving 1 a request from a different client that included a Content-Length header but no POST dat...