11 matches found
CVE-2026-10190
CVE-2026-10190 affects Tenda W12 3.0.0.7(4763). The Web Management Interface contains a vulnerable function: cgiSysWebTimeoutSet in /bin/httpd. Manipulating the argument web_over_time triggers a denial of service. The vulnerability is exploitable remotely, and public exploit code exists. The prov...
Nokogiri CSS selector tokenizer has regular expression backtracking
Summary Nokogiri's CSS selector tokenizer contains regular expressions whose construction may result in exponential regex backtracking on adversarial selectors. Three ReDoS vectors are addressed in this release: 1. String-literal tokenization on certain unterminated quoted-string input. 2...
UBUNTU-CVE-2023-53168
In the Linux kernel, the following vulnerability has been resolved: usb: ucsiacpi: Increase the command completion timeout Commit 130a96d698d7 "usb: typec: ucsi: acpi: Increase command completion timeout value" increased the timeout from 5 seconds to 60 seconds due to issues related to alternate...
Exploit for CVE-2025-0133
Description: It is a POC for CVE-2025-0133 that is applicab...
Aim vulnerable to Synchronous Access of Remote Resource without Timeout
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made unresponsive by requesting it to connect to an unresponsive socket via sshfs. The lack of an additional timeout setting ...
CVE-2024-12777
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made unresponsive by requesting it to connect to an unresponsive socket via sshfs. The lack of an additional timeout setting ...
PT-2025-12147 · Aimhubio · Aim
Name of the Vulnerable Software and Affected Versions: aimhubio/aim version 3.25.0 Description: A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made unresponsive by requesti...
Surf - Escalate Your SSRF Vulnerabilities On Modern Cloud Environments
surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by sending a HTTP request from your machine to each host, collecting all the hosts that did not respond, and then filtering them into a list of externally facing and internally facing hosts. You ca...
SUSE CVE-2019-18836
Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continueonlistenerfilterstimeout is used."...
Radmin service end to maintain the connection constantly problem analysis and solving-vulnerability warning-the black bar safety net
1, A description of the problem Radmin is a good remote control software, used to do a springboard back door could not be better, but each is connected through the springboard, look at the springboard connection, you can still see us, and a springboard for on Radmin connections, just shown as...
Fedora Core 5 : gdm-2.14.1-1.fc5.2 (2006-338)
Notes taken from upstream release mail - The sockets connection between the slaves and the GDM daemon is now better managed to better ensure that sockets are never left open. Brian Cameron - Corrected bug that causes a core dump when you click on gdmgreeter fields that have an id. Brian Cameron -...