CVE-2021-22530
A vulnerability was identified in NetIQ Advance Authentication: it doesn't enforce account lockout when a brute-force attack is performed on API-based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authenticati...
CVE-2021-22530 Improper account management vulnerability in NetIQ Advance Authentication
A vulnerability was identified in NetIQ Advance Authentication: it doesn't enforce account lockout when a brute-force attack is performed on API-based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authenticati...
CVE-2021-22530
CVE-2021-22530 affects NetIQ Advance Authentication and describes a brute-force risk on the API login that does not enforce account lockout. Affected are versions prior to 6.3.5.1. Potential impact includes user account compromise and possible server performance degradation. Remediation per the c...
CVE-2024-36387
CVE-2024-36387 affects the Apache httpd mod_http2 component: when serving WebSocket protocol upgrades over HTTP/2, it can trigger a NULL pointer dereference and crash the server, degrading performance (DoS). Connected advisories indicate patches across distributions (e.g., Debian security update ...
CVE-2023-28644
CVE-2023-28644 affects Nextcloud Server 25.x prior to 25.0.3, where an inefficient fetch operation can degrade performance and lead to a denial of service. The X.Y issue (server-side fetch) is characterized as a resource-management bottleneck that may saturate server resources, with impact limite...
Reference fetch can saturate the server bandwidth for 10 seconds
None...
SUSE CVE-2016-5633
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290...
SUSE CVE-2018-2846
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Performance Schema. Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2022-29117
A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that man...
January 4, 2022—KB5010196 (OS Build 17763.2369) Out-of-band
January 4, 2022—KB5010196 OS Build 17763.2369 Out-of-band 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page. Highlights Update...
MGASA-2021-0576 Updated apache-mod_security packages fix security vulnerability
Updated apache-modsecurity packages fix security vulnerability: ModSecurity mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP...
PT-2021-5748 · Unknown +5 · Modsecurity +5
Name of the Vulnerable Software and Affected Versions: ModSecurity versions 2.8.0 through 2.9.4; ModSecurity versions 3.0.0 through 3.0.5. Description: The issue is related to the mishandling of excessively nested JSON objects, which can cause the web server to be unable to service legitimate...
Rowhammer DDR4 Vulnerability - Lenovo Support US
No description provided...
[SECURITY] Fedora 31 Update: dnsperf-2.3.4-2.fc31
This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages...
Design/Logic Flaw
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral...
CVE-2020-8616
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral...
[SECURITY] Fedora 31 Update: dnsperf-2.3.2-2.fc31
This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages...
[SECURITY] Fedora 30 Update: dnsperf-2.3.0-1.fc30
This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages...