8 matches found
SUSE CVE-2026-44296
Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service DoS vulnerability affects Deskflow servers running with TLS enabled the default. When any TCP peer connects to the listening port and its first bytes do not parse as a valid TLS...
CVE-2025-41694
A low privileged remote attacker can run the webshell with an empty command containing whitespace. The server will then block until it receives more data, resulting in a DoS condition of the websserver...
vLLM 安全漏洞
vLLM is a high throughput and memory efficient inference and service engine for LLM from vLLM open source. A security vulnerability exists in vLLM version 0.5.5 through versions prior to 0.11.1, which stems from insufficient validation of the chattemplatekwargs parameter, and may result in API...
GHSA-69J4-GRXJ-J64P vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`
Summary The /v1/chat/completions and /tokenize endpoints allow a chattemplatekwargs request parameter that is used in the code before it is properly validated against the chat template. With the right chattemplatekwargs parameters, it is possible to block processing of the API server for long...
PT-2025-47650
Name of the Vulnerable Software and Affected Versions vLLM versions 0.5.5 through 0.11.0 Description vLLM is an inference and serving engine for large language models LLMs. The /v1/chat/completions and /tokenize API endpoints accept a chat template kwargs request parameter that is not properly...
Code injection
Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier...
EulerOS 2.0 SP1 : java-1.8.0-openjdk (EulerOS-SA-2017-1254)
According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these...
VisualRoute Web Server Detection
We detected the remote web server as being a VisualRoute web server. This server allows attackers to perform a traceroute to a third party's hosts without revealing themselves to the target of the traceroute. OpenVAS Vulnerability Test $Id: visualrouteserverdetect.nasl 5676 2017-03-22 16:29:37Z c...