12252 matches found
CVE-2018-25193 Mongoose Web Server 6.9 Denial of Service via Socket Connection
Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service...
CVE-2018-25193
Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service...
CVE-2018-25193 Mongoose Web Server 6.9 Denial of Service via Socket Connection
Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service...
CVE-2018-25193
The CVE-2018-25193 entry concerns Mongoose Web Server 6.9 with a denial-of-service condition. The vulnerability arises from the server handling multiple socket connections and malformed data, enabling an attacker to exhaust resources and cause service unavailability via repeated connections to th...
CVE-2018-25169
AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability...
CVE-2018-25169 AMPPS 2.7 Denial of Service via Malformed Socket Connection
AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability...
CVE-2018-25169 AMPPS 2.7 Denial of Service via Malformed Socket Connection
AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability...
CVE-2018-25169
AMPPS 2.7 contains a Denial of Service vulnerability where a remote attacker can crash the service by sending malformed data to the default HTTP port. The issue arises from repeatedly establishing multiple socket connections and transmitting invalid payloads, leading to resource exhaustion and se...
EUVD-2026-9962
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124...
EUVD-2026-9943
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-28727
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124...
Cesanta Mongoose Web Server 安全漏洞
Cesanta Mongoose Web Server is an embedded server and network library developed in C language by the Irish company Cesanta. Version 6.9 of Cesanta Mongoose Web Server contains a security vulnerability. This vulnerability arises from the possibility that establishing multiple socket connections ma...
RockyLinux 9 : kernel (RLSA-2026:3488)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3488 advisory. kernel: smc: Use skdstget and dstdevrcu in smcclcprfxmatch CVE-2025-40168 kernel: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr...
Acronis Cyber Protect和Acronis Cyber Protect Cloud Agent 安全漏洞
Acronis Cyber Protect and Acronis Cyber Protect Cloud Agent are both products of Swiss company Acronis. Acronis Cyber Protect is an integrated network protection solution for businesses and enterprises. It combines features such as backup, anti-malware, network security, and endpoint management...
CVE-2026-28727
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124, Acronis True Image macOS before build 42902...
CVE-2026-28727
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124, Acronis True Image macOS before build 42902...
CVE-2026-28727
CVE-2026-28727 : Local privilege escalation caused by insecure Unix socket permissions. Affected on macOS: Acronis Cyber Protect 17 before build 41186 and Acronis Cyber Protect Cloud Agent before build 41124. The CVSS vector indicates LOCAL access, low privileges required, no user interaction, wi...
CVE-2026-28458
OpenClaw version 2026.1.20 prior to 2026.2.1 contains a vulnerability in the Browser Relay extension must be installed and enabled /cdp WebSocket endpoint in which it does not require authentication tokens, allowing websites to connect via loopback and access sensitive data. Attackers can exploit...
CVE-2026-28472
OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSocket connect handshake in which it allows skipping device identity checks when auth.token is present but not validated. Attackers can connect to the gateway without providing device identity or pairing by exploiting t...
kernel: Linux kernel: vsock vulnerability may lead to memory corruption
A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...