42 matches found
EUVD-2011-1185
Malware in sbrugna...
EUVD-2018-4206
Malware in sbrugna...
EUVD-2024-2937
Malicious code in bioql PyPI...
CVE-2022-32557
An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers...
Linux Distros Unpatched Vulnerability : CVE-2024-36907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: SUNRPC: add a missing rpcstat for TCP TLS Commit 1548036ef120 nfs: make the rpcstat per net...
CVE-2024-47609
A flaw was found in the hyperium/tonic package. In certain conditions, it may be possible for a remote attacker to cause the application to terminate upon accepting a TCP/TLS stream, which may lead to a denial of service...
UBUNTU-CVE-2024-47609
Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. This can be triggered by causing the accept call to error out with errors that...
CVE-2024-47609 Remotely exploitable DoS in Tonic `<=v0.12.2`
Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. This can be triggered by causing the accept call to error out with errors that...
CVE-2024-36907
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-36907
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-36907
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-36907
...
CVE-2024-36907
...
CVE-2024-36907
Removed by vendor...
PT-2024-4107
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8.0-rc6+ Description The vulnerability is related to the SUNRPC module in the Linux kernel, specifically with the TCP TLS functionality. A missing rpc stat for TCP TLS can cause a kernel NULL pointer dereferenc...
Pulse Connect Secure < 9.1R16 Client Side Desync (SA45476)
The Pulse Connect Secure installed on the remote host is prior to 9.1R16. It is, therefore, affected by client-side http request smuggling. When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. This body ends u...
PR-DNSd - Passive-Recursive DNS Daemon
Passive-Recursive DNS daemon. Quickstart nameserver 127.0.0.1 | sudo tee /etc/resolv.conf dig google.com dig -x $dig +short google.com" go get github.com/korc/PR-DNSd sudo setcap capnetbindservice,capsyschroot=ep go/bin/PR-DNSd go/bin/PR-DNSd -upstream 9.9.9.9:53 -listen 127.0.0.1:53 echo...
Authentication flaw
An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers...
CVE-2022-32557
An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers...
PT-2022-21369 · Couchbase · Couchbase Server
Name of the Vulnerable Software and Affected Versions: Couchbase Server versions prior to 7.0.4 Description: The issue is related to the Index Service in Couchbase Server, which does not enforce authentication for TCP/TLS servers. This lack of authentication enforcement can lead to unauthorized...