Lucene search
K

7 matches found

EUVD
EUVD
added 2 days ago6 views

EUVD-2026-42664

Metabase is an open-source business intelligence and embedded analytics tool. From 1.55.0 until 1.58.15.1, 1.59.12, 1.60.6.3, and 1.61.2, Metabase did not validate unsafe H2 connection properties on one database-creation code path, allowing an authenticated administrator to register a crafted H2...

9.1CVSS6.2AI score0.00391EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/08/20 3:40 p.m.2 views

tomcat: Apache Tomcat denial of service

A denial of service flaw was found in Apache Tomcat. A race condition during connection closure could trigger a JVM crash when using the APR/Native connector, leading to a denial of service. This issue was particularly noticeable with client-initiated closures of HTTP/2 connections...

7.5CVSS7.1AI score0.01819EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/08/20 3:37 p.m.3 views

tomcat: Apache Tomcat denial of service

A denial of service flaw was found in Apache Tomcat. A race condition during connection closure could trigger a JVM crash when using the APR/Native connector, leading to a denial of service. This issue was particularly noticeable with client-initiated closures of HTTP/2 connections...

7.5CVSS7.1AI score0.01819EPSS
Exploits0References5
Metasploit
Metasploit
added 2025/06/09 6:51 p.m.540 views

OS Command Exec, Unix Command Shell, Double Reverse TCP SSL (telnet)

Execute an OS command from PHP. Creates an interactive shell through two inbound connections, encrypts using SSL via "-z" option Module Options msf use payload/php/unix/cmd/reversessldoubletelnet msf payloadreversessldoubletelnet show actions ...actions... msf payloadreversessldoubletelnet set...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2024/06/05 2:46 p.m.3 views

jetty: stop accepting new connections from valid clients

A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file...

7.5CVSS7AI score0.01433EPSS
Exploits0References6
Redos
Redos
added 2022/05/16 12:0 a.m.5 views

ROS-20220516-30

Vulnerability in the cURL command line utility is related to OAUTH2 connection reuse errors for SASL-enabled protocols such as SMPTPS, IMAPS, POP3S, and LDAPS openldap only. Exploitation of the vulnerability could allow an attacker acting remotely to reuse the OAUTH2 authenticated connections...

8.1CVSS7.3AI score0.03425EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2020/11/04 1:44 a.m.4 views

httpd: mod_http2: DoS via slow, unneeded request bodies

In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections...

5.3CVSS7.1AI score0.19404EPSS
Exploits0References4
Rows per page
Query Builder