Lucene search
K

268 matches found

osv
osv
added 2025/01/11 1:15 p.m.2 views

DEBIAN-CVE-2024-47408

In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcdv2extoffset when receiving proposal msg When receiving proposal msg in server, the field smcdv2extoffset in proposal msg is from the remote client and can not be fully trusted. Once the value of smcdv2extoffset...

5.5CVSS5.7AI score0.00218EPSS
Exploits0References1
snyk
snyk
added 2024/12/18 6:19 p.m.4 views

Authentication Bypass by Primary Weakness

Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness due to the management of client connections by OTAPI, which allows stale UUIDs to remain on RemoteClient instances after a player disconnects. An attacker can assume the login state of a...

8.9CVSS6.9AI score
Exploits0References2
ptsecurity
ptsecurity
added 2024/12/18 12:0 a.m.3 views

PT-2024-40331 · Tshock +1 · Tshock +1

Name of the Vulnerable Software and Affected Versions: TShock versions prior to 5.2.1 OTAPI affected versions not specified Description: An issue with OTAPI's management of client connections leads to stale UUIDs remaining on RemoteClient instances after a player disconnects. This can cause a...

8.9CVSS7AI score
Exploits0References4
nessus
nessus
added 2024/12/11 12:0 a.m.12 views

Amazon Linux 2023 : python3-waitress (ALAS2023-2024-773)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-773 advisory. Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using...

9.1CVSS6.6AI score0.01386EPSS
Exploits0References6
redhat
redhat
added 2024/12/05 2:26 a.m.3 views

waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request

A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recvbytes, which defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default, Waitress won't read any more requests, and when th...

9.1CVSS5.8AI score0.00496EPSS
Exploits0References6
redhat
redhat
added 2024/12/05 2:26 a.m.3 views

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

7.5CVSS5.7AI score0.01386EPSS
Exploits0References8
redhat
redhat
added 2024/11/19 8:51 a.m.4 views

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

7.5CVSS5.7AI score0.01386EPSS
Exploits0References8
veracode
veracode
added 2024/11/11 7:29 a.m.9 views

Denial Of Service (DoS)

Waitress is vulnerable to Denial Of Service DoS. The vulnerability is due to a race condition where, if a remote client closes the connection before Waitress calls getpeername, allows an attacker to trigger a busy-loop in the server, causing it to repeatedly attempt writing to a non-existent sock...

7.5CVSS7AI score0.01386EPSS
Exploits0References6Affected Software1
redhatcve
redhatcve
added 2024/10/29 4:30 p.m.19 views

CVE-2024-49768

A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recvbytes, which defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default, Waitress won't read any more requests, and when th...

4.8CVSS9AI score0.00496EPSS
Exploits0References5
nvd
nvd
added 2024/10/29 3:15 p.m.10 views

CVE-2024-49769

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

7.5CVSS0.01386EPSS
Exploits0References5
nvd
nvd
added 2024/10/29 3:15 p.m.17 views

CVE-2024-49768

Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and when the...

9.1CVSS0.00496EPSS
Exploits0References2
osv
osv
added 2024/10/29 2:32 p.m.12 views

CVE-2024-49768 Waitress has request processing race condition in HTTP pipelining with invalid first request

Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and when the...

9.1CVSS6.1AI score0.00496EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2024/10/29 2:32 p.m.16 views

CVE-2024-49768 Waitress has request processing race condition in HTTP pipelining with invalid first request

Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and when the...

9.1CVSS7.2AI score0.00496EPSS
Exploits0References2
debiancve
debiancve
added 2024/10/29 2:32 p.m.17 views

CVE-2024-49768

Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and when the...

9.1CVSS6.5AI score0.00496EPSS
Exploits0
ptsecurity
ptsecurity
added 2024/10/10 12:0 a.m.4 views

PT-2024-32858 · Gradio · Gradio

Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 5.0 Description: This issue is related to a lack of integrity check on the downloaded FRP client, which could potentially allow attackers to introduce malicious code. If an attacker gains access to the remote URL from...

7.5CVSS7.2AI score0.00208EPSS
Exploits0References13
nessus
nessus
added 2024/05/11 12:0 a.m.16 views

RHEL 7 : ppp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ppp: Remote client crash in ppp EAP-TLS patch CVE-2018-11574 - A vulnerability classified as problematic...

7.9AI score0.01899EPSS
Exploits0References2
cvelist
cvelist
added 2024/03/26 12:47 p.m.17 views

CVE-2024-1933 Improper symlink resolution in TeamViewer Remote client for macOS

Insecure UNIX Symbolic Link Symlink Following in TeamViewer Remote Client prior Version 15.52 for macOS allows an attacker with unprivileged access, to potentially elevate privileges or conduct a denial-of-service-attack by overwriting the symlink...

7.1CVSS7AI score0.00209EPSS
Exploits0References1
osv
osv
added 2024/03/06 10:57 a.m.16 views

BIT-MYSQL-CLIENT-2023-5157 Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service...

7.5CVSS7.1AI score0.02021EPSS
Exploits0References10
redhat
redhat
added 2024/03/04 9:16 a.m.4 views

squid: denial of service in HTTP header parser

A flaw was found in Squid. This issue may allow a remote client or remote server to trigger a denial of service when sending oversized headers in HTTP messages...

7.5CVSS5.8AI score0.88864EPSS
Exploits0References6
osv
osv
added 2024/02/27 2:15 p.m.5 views

CVE-2024-0819

Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account...

7.8CVSS5.8AI score0.00196EPSS
Exploits0References1
Rows per page
Query Builder