CVE-2019-3883

In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are not taking this timeout into account during...

CVE-2018-17586

The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules0content parameter in a wpfcsavetimeoutpages action...

UBUNTU-CVE-2019-5739

Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and earlier is a potential Denial of Service DoS attack...

Chaturbate: DoS attacks utilizing camo.stream.highwebmedia.com

DoS attacks utilizing camo.stream.highwebmedia.com Summary The asset proxy at camo.stream.highwebmedia.com used to embed external images linked by users fails to enforce 1. a timeout on slow responses if a little data is sent every 10 seconds a kind of "reverse-slowloris" attack 1. a size limit o...

Joyent Node.js Denial of Service Vulnerability (CNVD-2019-42554)

Joyent Node.js is the United States Joyent company's set of web applications built on top of the Google V8 JavaScript engine platform. The platform is primarily used for building highly scalable applications and writing code that can handle tens of thousands of simultaneous connections to a singl...

SUSE-SU-2019:0391-1 Security update for python-PyKMIP

This update for python-PyKMIP fixes the following issues: Security issue fixed: - CVE-2018-1000872: Fixed a denial-of-service vulnerability which was caused by exhausting the available sockets. To mitigate the issue server socket timeout was decreased bsc1120767...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

polkit security update

0.112-18.0.1 - Increase timeout to avoid defunct processes bug26930744 0.112-18.el76.1 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz1667311...

Impact of 62 million devices: the interpretation I is how to find the Marvell Avastar Wi-Fi remote code execution vulnerability-vulnerability warning-the black bar safety net

One, overview In the present study, I will mainly analyze the Marvell WiFi-FullMAC SoC security. Since we have not yet completed the product with a chip of a wireless device of research, and therefore which may contain large amounts of unaudited code, which might appear serious security problems...

Cross site scripting

Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page...

CVE-2015-9281

Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page...

CVE-2015-9281

Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page...

CVE-2015-9281

CVE-2015-9281 concerns the Logon Manager in SAS Web Infrastructure Platform (pre-9.4M3). The vulnerability is a reflected XSS on the Timeout page, caused by insufficient input sanitization on that page. Affected component: Logon Manager’s web UI; the issue is triggered when processing user-contro...

Denial Of Service (DoS)

Linux kernel-rt is vulnerable to denial of service. A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctpaccept during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SC...

Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support

Easily turn single threaded command line applications into fast, multi threaded application with CIDR and glob support. Setup Install using: $ python3 setup.py install Dependencies will then be installed and Interlace will be added to your path as interlace. Usage Argument | Description ---|--- -...

CVE-2018-6169

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page...

CVE-2018-6169

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page...

Hardcoded credentials

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page...

CVE-2018-6169

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page...

UBUNTU-CVE-2018-6169

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page...