CVE-2025-13165

CVE-2025-13165 concerns Digiwin EasyFlow GP. The vulnerability is a Denial of Service via unauthenticated remote requests that can crash or deny the web service. The initial records attribute a high impact (availability) with network access and no privileges required, but exploitation details are...

CVE-2025-64388

Denial of service of the web server through specific requests to this protocol...

EUVD-2025-37352

Denial of service of the web server through specific requests to this protocol...

EUVD-2021-10134

Malware in sbrugna...

PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10692)

PCMan FTP Server is PCMan open source set of FTP software. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from mishandling of specific requests. No detailed vulnerability details are provided at this time...

TOTOLINK A3700R 安全漏洞

The TOTOLINK A3700R is a wireless router that provides wireless network connectivity. The TOTOLINK A3700R suffers from an improper access control vulnerability that stems from mishandling of specific requests. No detailed vulnerability details are provided at this time...

PCMan FTP Server 安全漏洞

PCMan FTP Server is PCMan open source set of FTP software. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from mishandling of specific requests. No detailed vulnerability details are provided at this time...

Squid Proxy Range Header Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Squid Proxy Range Header DoS', 'Description' = %q The range handler in The Squid Caching Proxy Server 3.0-4.1.4 and 5.0.1-5.0.5 suffers from...

CVE-2023-6038

A Local File Inclusion LFI vulnerability exists in the h2o-3 REST API, allowing unauthenticated remote attackers to read arbitrary files on the server with the permissions of the user running the h2o-3 instance. This issue affects the default installation and does not require user interaction. Th...

CVE-2022-47378

Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition...

CVE-2022-25897

A flaw was found in the Eclipse Milo SDK Server. This flaw allows an attacker to consume the application memory, leading to a denial of service by sending specific requests...

CVE-2022-20920

A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit thi...

ZEIT Next.js 代码问题漏洞

ZEIT Next.js is an open source web application framework from ZEIT based on Vue.js, Node.js, Webpack and Babel.js. A security vulnerability exists in ZEIT Next.js that stems from the fact that when a specific request is sent to the Next.js server, it may cause an unhandledRejection in the server,...

CVE-2021-44899

Micro-Star International MSI Center = 1.0.31.0 is vulnerable to multiple Privilege Escalation vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLibX64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOC...

Micro Star International Center 安全漏洞

Micro Star International Center is a new platform from Micro Star Technology Micro Star Inc. of Taiwan, China that combines all of MSI's exclusive features. Micro Star International Center has a security vulnerability that originates from an elevation of privilege vulnerability in multiple...

CVE-2019-10887

A reflected HTML injection vulnerability on Salicru SLC-20-cube35 devices running firmware version cs121-SNMP v4.54.82.130611 allows remote attackers to inject arbitrary HTML elements via a /DataLog.csv?log= or /AlarmLog.csv?log= or /waitlog.cgi?name= or /chart.shtml?data= or /createlog.cgi?name=...

http-waf-fingerprint NSE Script

Tries to detect the presence of a web application firewall and its type and version. This works by sending a number of requests and looking in the responses for known behavior and fingerprints such as Server header, cookies and headers values. Intensive mode works by sending additional WAF specif...

CVE-2007-6494

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to obtain login access via a request to hosting/addreseller.asp with a username in the reseller parameter, followed by a request to AdminSettings/displays.asp with the DecideAction and ChangeSkin parameters...

Design/Logic Flaw

The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service continuous beep and server slowdown via a string containing many 0x07 characters in 1 a request to the images/ directory, 2 the Content-Type field, 3 a HEAD...

DoS против контроллеров домена в Windows 2000

Флуд определенными типами запросов приводит к 100 загрузке процессора...