Lucene search
K

18 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/08/29 2:28 p.m.3 views

Security Bulletin: Incomplete Fix in Netty ≤ 4.1.118.Final Leads to DoS via Unsafe Environment File Handling on Windows, which affects IBM watsonx.data

Summary Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load ...

5.5CVSS7AI score0.00357EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-47535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe...

5.5CVSS6.6AI score0.00408EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/08/16 3:27 p.m.9 views

CVE-2025-7971

A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash...

7.3CVSS7.8AI score0.00115EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 3:2 p.m.29 views

CVE-2025-7971 Studio 5000 Logix Designer® – Arbitrary Code Execution Vulnerability

A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash...

7.3CVSS0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 3:2 p.m.4 views

CVE-2025-7971 Studio 5000 Logix Designer® – Arbitrary Code Execution Vulnerability

A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash...

7.3CVSS7.7AI score0.00115EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.8 views

PT-2025-33298 · Rockwell Automation · Studio 5000 Logix Designer

Name of the Vulnerable Software and Affected Versions: Studio 5000 Logix Designer affected versions not specified Description: A security issue exists in Studio 5000 Logix Designer related to unsafe handling of environment variables. When a specified path does not contain a valid file, the softwa...

7.3CVSS6.6AI score0.00115EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/08/01 5:42 p.m.4 views

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash...

5.5CVSS7.1AI score0.00357EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/05/06 2:32 p.m.5 views

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes...

5.5CVSS7.3AI score0.00408EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/05/06 2:31 p.m.6 views

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash...

5.5CVSS7.1AI score0.00357EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/05/06 2:31 p.m.4 views

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes...

5.5CVSS7.3AI score0.00408EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/04/01 1:12 p.m.8 views

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes...

5.5CVSS7.3AI score0.00408EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/04/01 1:6 p.m.4 views

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes...

5.5CVSS7.3AI score0.00408EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2025/02/12 3:47 a.m.3 views

SUSE CVE-2025-25193

Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...

5.5CVSS7AI score0.00357EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2024/12/23 8:49 a.m.4 views

Security update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative

This update for aalto-xml, flatten-maven-plugin, jctools, moditect, netty, netty-tcnative fixes the following issues: CVE-2024-47535: Fixed unsafe reading of large environment files when Netty is loaded by a java application can lead to a crash due to the JVM memory limit being exceeded in netty...

5.6CVSS7.6AI score0.00408EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.2 views

Netty 资源管理错误漏洞

Netty is a non-blocking I/O client-server framework from the Netty community that is primarily used to develop Java web applications such as protocol servers and clients. A resource management error vulnerability exists in Netty version 4.1.114 and earlier versions, which stems from allowing unsa...

5.5CVSS6.9AI score0.00408EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2019/12/24 9:8 p.m.5 views

CVE-2019-10758

mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the toBSON method. A misuse of the vm dependency to perform exec commands in a non-safe environment...

7.5AI score0.84845EPSS
Exploits3References1
securityvulns
securityvulns
added 2013/11/18 12:0 a.m.39 views

Android su applications privilege escalation

Unsafe environment variables and file descriptors usage...

10CVSS4.6AI score0.01587EPSS
Exploits9References3Affected Software2
securityvulns
securityvulns
added 2007/07/02 12:0 a.m.22 views

unicon-imc2 code execution

Unsafe environment variable usage...

6.8CVSS4.5AI score0.00343EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder