9 matches found

Vulnrichment
added 2026/02/09 8:34 p.m. | 1 view

CVE-2026-25791 Sliver has a DNS C2 OTP Bypass Allows Unauthenticated Session Flooding and Denial of Service

Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.7.0, the DNS C2 listener accepts unauthenticated TOTP bootstrap messages and allocates server-side DNS sessions without validating OTP values, even when EnforceOTP is enabled. Because sessions are stored...

CVSS 7.5 | AI score 5.7 | EPSS 0.00028
Exploits: 1 | References: 2
Github Security Blog
added 2026/02/06 10:52 p.m. | 9 views

Sliver has DNS C2 OTP Bypass that Allows Unauthenticated Session Flooding and Denial of Service

Summary: The DNS C2 listener accepts unauthenticated TOTP bootstrap messages and allocates server-side DNS sessions without validating OTP values, even when EnforceOTP is enabled. Because sessions are stored without a cleanup/expiry path in this flow, an unauthenticated remote actor can repeatedly...

CVSS 7.5 | AI score 5.5 | EPSS 0.00028
Exploits: 1 | References: 5 | Affected Software: 1
EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2021-2552

Malware in sbrugna...

CVSS 6.5 | AI score 6.5 | EPSS 0.00308
Exploits: 0 | References: 4
RedhatCVE
added 2022/02/21 1:46 p.m. | 10 views

CVE-2020-35210

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages...

CVSS 6.5 | AI score 5.7 | EPSS 0.00308
Exploits: 0 | References: 3
OSV
added 2021/12/17 8:41 p.m. | 1 view

GHSA-MF27-WG66-M8F5 A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages.

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages...

CVSS 6.5 | AI score 5.9 | EPSS 0.00308
Exploits: 0 | References: 3
NVD
added 2021/12/16 8:15 p.m. | 6 views

CVE-2020-35210

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages...

CVSS 6.5 | EPSS 0.00308
Exploits: 0 | References: 1
Prion
added 2021/12/16 8:15 p.m. | 10 views

Session fixation

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages...

CVSS 4 | AI score 6.2 | EPSS 0.00308
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2021/12/16 7:8 p.m. | 80 views

CVE-2020-35210

CVE-2020-35210 affects Atomix v3.1.5 and enables denial-of-service via a Raft session flooding attack using Raft OpenSessionRequest messages. Multiple connected sources (Red Hat CVE entry, CNVD/CNNVD, Veracode, GHSA) corroborate a DoS impact stemming from a resource-management flaw in Atomix 3.1....

CVSS 6.5 | AI score 6.2 | EPSS 0.00308
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2021/12/16 7:8 p.m. | 8 views

CVE-2020-35210

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages...

AI score 6.2 | EPSS 0.00308
Exploits: 0 | References: 1