78 matches found

NVD
added 2024/08/28 7:15 a.m. · 20 views

CVE-2021-22530

A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authenticati...

CVSS 9.9 · EPSS 0.00215
Exploits 0 · References 1
Cvelist
added 2024/08/28 6:29 a.m. · 31 views

CVE-2021-22530 Improper account management vulnerability in NetIQ Advance Authentication

A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authenticati...

CVSS 8.2 · EPSS 0.00215
Exploits 0 · References 1
Vulnrichment
added 2024/08/28 6:29 a.m. · 14 views

CVE-2021-22530 Improper account management vulnerability in NetIQ Advance Authentication

A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authenticati...

CVSS 8.2 · AI score 6.9 · EPSS 0.00215
Exploits 0 · References 1
CVE
added 2024/08/28 6:29 a.m. · 77 views

CVE-2021-22530

CVE-2021-22530 affects NetIQ Advance Authentication and describes a brute-force risk on the API login that does not enforce account lockout. Affected are versions prior to 6.3.5.1. Potential impact includes user account compromise and possible server performance degradation. Remediation per the c...

CVSS 9.9 · AI score 8.2 · EPSS 0.00215
Exploits 0 · References 1 · Affected Software 1
CVE
added 2024/07/01 6:10 p.m. · 3218 views

CVE-2024-36387

CVE-2024-36387 affects the Apache httpd mod_http2 component: when serving WebSocket protocol upgrades over HTTP/2, it can trigger a NULL pointer dereference and crash the server, degrading performance (DoS). Connected advisories indicate patches across distributions (e.g., Debian security update ...

CVSS 5.4 · AI score 6.4 · EPSS 0.01715
Exploits 0 · References 3 · Affected Software 1
CVE
added 2023/03/30 6:36 p.m. · 73 views

CVE-2023-28644

CVE-2023-28644 affects Nextcloud Server 25.x prior to 25.0.3, where an inefficient fetch operation can degrade performance and lead to a denial of service. The X.Y issue (server-side fetch) is characterized as a resource-management bottleneck that may saturate server resources, with impact limite...

CVSS 7.5 · AI score 6.3 · EPSS 0.00624
Exploits 0 · References 2 · Affected Software 1
Nextcloud
added 2023/03/30 8:13 a.m. · 37 views

Reference fetch can saturate the server bandwidth for 10 seconds

None...

CVSS 7.5 · AI score 7.3 · EPSS 0.00624
Exploits 0 · References 2 · Affected Software 1
SUSE CVE
added 2023/02/15 5:0 a.m. · 3 views

SUSE CVE-2016-5633

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290...

CVSS 4.9 · AI score 7.1 · EPSS 0.02471
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 4:33 a.m. · 3 views

SUSE CVE-2018-2846

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Performance Schema. Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 4.9 · AI score 7.2 · EPSS 0.02862
Exploits 0 · References 3
RedhatCVE
added 2022/05/10 5:27 p.m. · 76 views

CVE-2022-29117

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that man...

CVSS 7.5 · AI score 1.3 · EPSS 0.04913
Exploits 0 · References 4
Microsoft KB
added 2022/01/04 12:0 a.m. · 3 views

January 4, 2022—KB5010196 (OS Build 17763.2369) Out-of-band

January 4, 2022—KB5010196 OS Build 17763.2369 Out-of-band 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page. Highlights Update...

AI score 6.8
Exploits 0
OSV
added 2021/12/21 11:27 p.m. · 13 views

MGASA-2021-0576 Updated apache-mod_security packages fix security vulnerability

Updated apache-modsecurity packages fix security vulnerability: ModSecurity mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large e.g., 300KB HTTP...

CVSS 7.5 · AI score 7.5 · EPSS 0.03206
Exploits 2 · References 2
Positive Technologies
added 2021/12/07 12:0 a.m. · 5 views

PT-2021-5748 · Unknown +5 · Modsecurity +5

Name of the Vulnerable Software and Affected Versions: ModSecurity versions 2.8.0 through 2.9.4; ModSecurity versions 3.0.0 through 3.0.5. Description: The issue is related to the mishandling of excessively nested JSON objects, which can cause the web server to be unable to service legitimate...

CVSS 7.8 · AI score 7.7 · EPSS 0.03206
Exploits 4 · References 54
Lenovo
added 2020/12/08 1:59 p.m. · 108 views

Rowhammer DDR4 Vulnerability - Lenovo Support US

No description provided...

CVSS 9.3 · AI score 9.1 · EPSS 0.02515
Exploits 0
Fedora
added 2020/08/29 4:31 p.m. · 55 views

[SECURITY] Fedora 31 Update: dnsperf-2.3.4-2.fc31

This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages...

CVSS 7.5 · AI score 1.9 · EPSS 0.06348
Exploits 0
Prion
added 2020/05/19 2:15 p.m. · 41 views

Design/Logic Flaw

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral...

CVSS 5 · AI score 8.2 · EPSS 0.10593
Exploits 1 · References 13 · Affected Software 2
AlpineLinux
added 2020/05/19 2:5 p.m. · 52 views

CVE-2020-8616

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral...

CVSS 8.6 · AI score 8.8 · EPSS 0.10593
Exploits 1
Debian CVE
added 2020/05/19 2:5 p.m. · 40 views

CVE-2020-8616

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral...

CVSS 8.6 · AI score 6.4 · EPSS 0.10593
Exploits 1
Fedora
added 2019/11/29 12:55 a.m. · 42 views

[SECURITY] Fedora 31 Update: dnsperf-2.3.2-2.fc31

This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages...

CVSS 7.5 · AI score 1.9 · EPSS 0.04022
Exploits 0
Fedora
added 2019/07/22 1:4 a.m. · 39 views

[SECURITY] Fedora 30 Update: dnsperf-2.3.0-1.fc30

This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages...

CVSS 5.9 · AI score 1.9 · EPSS 0.03271
Exploits 0