Lucene search
K

7 matches found

CVE
CVE
added 6 days ago14 views

CVE-2026-54772

CoreWCF (net.tcp/net.pipe/net.uds) prior to versions 1.8.1 and 1.9.1 is affected. An unauthenticated remote attacker can trigger premature EOF handling in the framing handshake, causing one server thread-pool worker to be pinned at 100% CPU per connection and potentially exhausting CPU with multi...

7.5CVSS6AI score0.00476EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/19 8:46 p.m.5 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop through the preamble decode loop in DuplexFramingMiddleware and SingletonFramingMiddleware, with the same end-of-stream handling issue in RawStream.ReadAsyncInternal. An attacker can keep a server connection open...

8.7CVSS5.8AI score0.00476EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51069

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description An unauthenticated remote attacker can trigger premature EOF End of File handling during the framing handshake of the net.tcp, net.pipe, or net.uds components. This...

7.5CVSS6AI score0.00476EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.11 views

PT-2024-22368 · Corewcf · Corewcf

Name of the Vulnerable Software and Affected Versions: CoreWCF versions prior to 1.4.2 CoreWCF versions prior to 1.5.2 Description: The issue affects NetFraming based CoreWCF services, where extra system resources could be consumed by connections being left established instead of closing or...

7.5CVSS7.1AI score0.00579EPSS
Exploits0References9
OSV
OSV
added 2019/02/18 7:29 p.m.5 views

CVE-2019-8917

SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method ma...

9.8CVSS7.9AI score0.36448EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/11/13 12:0 a.m.35 views

openSUSE Security Update : redis (openSUSE-2017-1258)

This update for redis to version 4.0.2 fixes the following issues : - CVE-2016-8339: CONFIG SET client-output-buffer-limit Code Execution Vulnerability boo1002351 The following upstream changes are included : - SLOWLOG now logs the offending client name and address - The modules native data types...

9.8CVSS7.1AI score0.14834EPSS
Exploits2References3
OSV
OSV
added 2017/11/10 1:2 p.m.10 views

OPENSUSE-SU-2017:2984-1 Security update for redis

This update for redis to version 4.0.2 fixes the following issues: - CVE-2016-8339: CONFIG SET client-output-buffer-limit Code Execution Vulnerability boo1002351 The following upstream changes are included: - SLOWLOG now logs the offending client name and address - The modules native data types R...

7.4CVSS8.8AI score0.02147EPSS
Exploits0References2
Rows per page
Query Builder