golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh

A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange...

10 Key SOC Challenges and How AI Addresses Them

SOC challenges like alert fatigue, skill shortages and slow response impact cybersecurity. AI-driven solutions enhance SOC efficiency, automation…...

WordPress Database Administrator <= 1.0.3 - Unauthenticated SQL Injection

Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. Run the command: curl -i -s -k -X POST --data-binary...

K00103216: BIG-IP VIPRION MCPD vulnerability CVE-2020-5921

Security Advisory Description SYN flood causes a large number of MCPD context messages destined to secondary blades consuming memory and leading to MCPD failure. CVE-2020-5921 Impact This issue affects only VIPRION hosts with two or more blades installed, including those with Virtual Clustered...

CVE-2020-15853

supybot-fedora implements the command 'refresh', that refreshes the cache of all users from FAS. This takes quite a while to run, and zodbot stops responding to requests during this time...

GHSA-4XH4-V2PQ-JVHM personnummer/dart vulnerable to Improper Input Validation

This vulnerability was reported to the personnummer team in June 2020. The slow response was due to locked ownership of some of the affected packages, which caused delays to update packages prior to disclosure. The vulnerability is determined to be low severity. Impact This vulnerability impacts...

personnummer/dart vulnerable to Improper Input Validation

This vulnerability was reported to the personnummer team in June 2020. The slow response was due to locked ownership of some of the affected packages, which caused delays to update packages prior to disclosure. The vulnerability is determined to be low severity. Impact This vulnerability impacts...

CVE-2020-28944

OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data...

Slow Response to the Client Requests when USIP Mode is Enabled on ADC

When using ADC inUse Source IP USIP mode, a slow response to the client requests is experienced. Servers had requests in surge queues that were not processed. Background The USIP mode enables the NetScaler appliance to communicate with the backend servers by using the original Client IP address a...

GHSA-Q3VW-4JX3-RRR2 personnummer/java vulnerable to Improper Input Validation

This vulnerability was reported to the personnummer team in June 2020. The slow response was due to locked ownership of some of the affected packages, which caused delays to update packages prior to disclosure. The vulnerability is determined to be low severity. Impact This vulnerability impacts...

personnummer/ruby vulnerable to Improper Input Validation

This vulnerability was reported to the personnummer team in June 2020. The slow response was due to locked ownership of some of the affected packages, which caused delays to update packages prior to disclosure. The vulnerability is determined to be low severity. Impact This vulnerability impacts...

personnummer/csharp vulnerable to Improper Input Validation

This vulnerability was reported to the personnummer team in June 2020. The slow response was due to locked ownership of some of the affected packages, which caused delays to update packages prior to disclosure. The vulnerability is determined to be low severity. Impact This vulnerability impacts...

Denial Of Service (DoS)

personnummer is vulnerable to denial of service. A validation bypass vulnerability in the regex parsing causes slow response from the server...

Slowness in Presenting Citrix Gateway/AAA Login page on Client Browsers

Sometimes Citrix Gateway login page takes a long time to be presented on the client’s browsers. When this issue occurs, you might observe any of the following conditions. The number of established connections to Apache counter has hit the default configured limit of 30 or a customized value, if...

3 Reasons MSPs Must Evolve Beyond Endpoint Detection and Response

Endpoint protection is a critical component of a security strategy. But it’s not enough. Today’s threat landscape is so wide and varied, it requires round-the-clock monitoring, full visibility into IT environments and a multilayered approach to keep hackers at bay. For MSPs, this creates a sizabl...

Denial of service in django

The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service resource consumption via a URL associated with...

Rootstock Labs: JSON RPC methods for debugging enabled by default allow DoS

A vulnerability was discovered in the RSK JSON-RPC server that allowed an attacker to cause a denial of service DoS attack by sending the evmreset command. The server would hang, become slow, and eventually become synced to block 0, resulting in a loss of service and responsiveness to all users...

Design/Logic Flaw

The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service resource consumption via a URL associated with...

PYSEC-2011-2

The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service resource consumption via a URL associated with...

Struts2/XWork < 2.2.0 Remote Command Execution Vulnerability

Exploit for multiple platform in category remote exploits ============================================================ Struts2/XWork 2.2.0 Remote Command Execution Vulnerability ============================================================ Apache Struts team has announced uploaded but has not...