268 matches found
DEBIAN-CVE-2024-47408
In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcdv2extoffset when receiving proposal msg When receiving proposal msg in server, the field smcdv2extoffset in proposal msg is from the remote client and can not be fully trusted. Once the value of smcdv2extoffset...
Authentication Bypass by Primary Weakness
Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness due to the management of client connections by OTAPI, which allows stale UUIDs to remain on RemoteClient instances after a player disconnects. An attacker can assume the login state of a...
PT-2024-40331 · Tshock +1 · Tshock +1
Name of the Vulnerable Software and Affected Versions: TShock versions prior to 5.2.1 OTAPI affected versions not specified Description: An issue with OTAPI's management of client connections leads to stale UUIDs remaining on RemoteClient instances after a player disconnects. This can cause a...
Amazon Linux 2023 : python3-waitress (ALAS2023-2024-773)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-773 advisory. Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using...
waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request
A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recvbytes, which defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default, Waitress won't read any more requests, and when th...
waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion
A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...
waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion
A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...
Denial Of Service (DoS)
Waitress is vulnerable to Denial Of Service DoS. The vulnerability is due to a race condition where, if a remote client closes the connection before Waitress calls getpeername, allows an attacker to trigger a busy-loop in the server, causing it to repeatedly attempt writing to a non-existent sock...
CVE-2024-49768
A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recvbytes, which defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default, Waitress won't read any more requests, and when th...
CVE-2024-49769
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...
CVE-2024-49768
Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and when the...
CVE-2024-49768 Waitress has request processing race condition in HTTP pipelining with invalid first request
Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and when the...
CVE-2024-49768 Waitress has request processing race condition in HTTP pipelining with invalid first request
Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and when the...
CVE-2024-49768
Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more requests, and when the...
PT-2024-32858 · Gradio · Gradio
Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 5.0 Description: This issue is related to a lack of integrity check on the downloaded FRP client, which could potentially allow attackers to introduce malicious code. If an attacker gains access to the remote URL from...
RHEL 7 : ppp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ppp: Remote client crash in ppp EAP-TLS patch CVE-2018-11574 - A vulnerability classified as problematic...
CVE-2024-1933 Improper symlink resolution in TeamViewer Remote client for macOS
Insecure UNIX Symbolic Link Symlink Following in TeamViewer Remote Client prior Version 15.52 for macOS allows an attacker with unprivileged access, to potentially elevate privileges or conduct a denial-of-service-attack by overwriting the symlink...
BIT-MYSQL-CLIENT-2023-5157 Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service...
squid: denial of service in HTTP header parser
A flaw was found in Squid. This issue may allow a remote client or remote server to trigger a denial of service when sending oversized headers in HTTP messages...
CVE-2024-0819
Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account...