Lucene search

6 matches found

OSV
added 2021/04/19 2:54 p.m. · 30 views

GHSA-WMG4-8CP2-HPG9 Sydent vulnerable to denial of service attack via memory exhaustion

Impact Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to disk space exhaustion and denial of service. Sydent also does not limit response size for requests it makes to remote Matrix homeservers....

8.7 CVSS · 7.4 AI score · 0.01833 EPSS
Exploits 0 · References 9
NVD
added 2021/04/15 9:15 p.m. · 15 views

CVE-2021-29430

Sydent is a reference Matrix identity server. Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to memory exhaustion and denial of service. Sydent also does not limit response size for requests it...

7.5 CVSS · 0.01833 EPSS
Exploits 0 · References 6
BDU FSTEC
added 2017/10/26 12:0 a.m. · 7 views

The vulnerability of the Locator/ID Separation (LISP) protocol implementation in Cisco IOS allows a hacker to bypass the authentication process.

The vulnerability in the Locator/ID Separation (LISP) protocol implementation in Cisco IOS is related to a logic error in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process by using special registration requests that trigg...

9.8 CVSS · 7.8 AI score · 0.03122 EPSS
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2014/04/09 12:0 a.m. · 4 views

PT-2014-1990 · Trane · Trane ComfortLink II

Name of the Vulnerable Software and Affected Versions: Trane ComfortLink II firmware version 2.0.2
Description: The issue is caused by a buffer overflow in the memory due to an overly long REG request. This can allow a remote attacker to execute arbitrary code. The vulnerability exists in the DSS...

10 CVSS · 8.3 AI score · 0.06841 EPSS
Exploits 1 · References 5
Tenable Nessus
added 2011/12/01 12:0 a.m. · 371 views

SIP Username Enumeration

The SIP server on the remote host appears to respond differently to registration requests for valid and invalid usernames. Using that fact, Nessus was able to enumerate some of the valid usernames.

5.5 AI score
Exploits 0 · References 1
UbuntuCve
added 2007/11/16 6:46 p.m. · 27 views

CVE-2007-5398

Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request...

9.3 CVSS · 7.8 AI score · 0.1125 EPSS
Exploits 1 · References 2