CVE-2026-42304

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression. A remote, unauthenticated attacker can exploit this by sending...

UBUNTU-CVE-2025-69228

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. If an application includes a handler that uses the Request.post method, ...

CVE-2025-69228

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. If an application includes a handler that uses the Request.post method, ...

CVE-2025-69228

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. If an application includes a handler that uses the Request.post method, ...

EUVD-2004-1213

Malware in sbrugna...

PVS target devices will not HA failover to another PVS server.

PVS target devices will not HA failover to another PVS server. Targets devices will freeze until the original server they were streaming from is available again. HA related configurations can be checked: The vdisk should beconfigured to use cache in ram with overflow to local device hard disk, an...

Exploitable inventory component chaining in PocketMine-MP

Impact Specially crafted InventoryTransactionPackets sent by malicious clients were able to exploit the behaviour of InventoryTransaction-findResultItem and cause it to take an abnormally long time to execute causing an apparent server freeze. The affected code is intended to compact conflicting...

GHSA-8JQ6-W5CG-WM45 Exploitable inventory component chaining in PocketMine-MP

Impact Specially crafted InventoryTransactionPackets sent by malicious clients were able to exploit the behaviour of InventoryTransaction-findResultItem and cause it to take an abnormally long time to execute causing an apparent server freeze. The affected code is intended to compact conflicting...

CVE-2019-1029

A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights. To...

Server freezed in Skulltag 0.97d2-RC2

Luigi Auriemma Application: Skulltag http://www.skulltag.com Versions: = 0.97d2-RC2 Platforms: Windows, Linux and FreeBSD Bug: loop during the parsing of the packets Exploitation: remote, versus server Date: 16 Jun 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...

Details about the hlfreeze/hl-headnut/csdos bugs

Title: Details about the hlfreeze/hl-headnut/csdos bugs Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org This short text is an idea I have had during the patching of the so called csdos.pl bug since there were a lot of things unclear. I will try to be much clear as I can... but...

Endless loop in Halo 1.06

Luigi Auriemma Application: Halo: Combat Evolved http://www.microsoft.com/games/pc/halo.aspx Versions: = 1.06 and Custom Edition 1.00 Platforms: Windows Bug: endless loop Exploitation: remote, versus server Date: 24 May 2005 Author: Luigi Auriemma e-mail: [email protected] web:...

CVE-2004-1216

The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service server freeze via a long 1 nickname or 2 model type, which generates dialog boxes on the server that must be manually handled before the server continues the game...

CVE-2004-1216

The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service server freeze via a long 1 nickname or 2 model type, which generates dialog boxes on the server that must be manually handled before the server continues the game...

Multiple vulnerabilities in Kreed 1.05

Luigi Auriemma Application: Kreed http://www.kreed3d.com Versions: = 1.05 Platforms: Windows Bugs: A in-game format string B forced exit caused by "message too long" C server temporary freezed by script errors Exploitation: remote, versus server Date: 02 December 2004 Author: Luigi Auriemma e-mai...

Server freeze in The Rage 1.01

Luigi Auriemma Application: The Rage http://www.therageonline.com Versions: = 1.01 Platforms: Windows Bug: server freeze Risk: low Exploitation: remote, versus server Date: 23 Mar 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3 Th...

Unreal engine updates and Battle Mages advisory

I have an update about the methods used to test the format string vulnerability in the Unreal engine I reported yesterday. I have solved a problem in the windows version of my proof-of-concept unrfs-poc now version 0.1.1: http://aluigi.altervista.org/poc/unrfs-poc.zip The following instead is a...

Broadcast BoF and server freeze in RogerWilco (2001)

Application: Roger Wilco http://www.rogerwilco.com Versions: Mk.1d3 dated 14th Sep 2001 1.4.1.2 is NOT vulnerable Platforms: Windows Bugs: RogerWilco doesn't check the length of the nicknames sent by the clients and exists also a problem in a recv function Risk HIGH!: "Broadcast" buffer overflow...

Дырка в SunFTP

Имеются переполнения буфера, кроме того, при некорректном завершении сеанса сервер прекращает отвечать на запросы. Кроме того, можно получить любой файл используя обратный путь в директориях...

Nosque Workshop MsgCore 1.9 - Denial of Service

Nosque Workshop MsgCore 1.9 - Denial of Service source: https://www.securityfocus.com/bid/930/info There is a denial of service condition in Nosque Workshop's MsgCore SMTP server. The problem lies in memory used to store server input not being deallocated and eventually exhausted, causing the...