Lucene search
K

78 matches found

BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.10 views

The vulnerability of the `create_worker_threads` method in the MariaDB database management system allows a hacker to cause a service failure.

The vulnerability of the createworkerthreads method in the MariaDB database management system exists due to improper cleanup or resource release. Exploiting this vulnerability can allow an attacker to cause service failures...

3.3CVSS6.5AI score0.00219EPSS
Exploits0References6Affected Software2
Microsoft CVE
Microsoft CVE
added 2022/05/28 7:0 a.m.15 views

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads the held lock is not released correctly which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects.

...

5.5CVSS7.3AI score0.00219EPSS
Exploits0
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.4 views

MariaDB 安全漏洞

MariaDB is the database management system of the Mariadb Foundation and a version of the MySQL branch that uses the Maria storage engine. a denial of service vulnerability exists in versions of MariaDB Server prior to 10.7, which originates in extra/mariabackup/dscompress.cc, and can be exploited...

5.5CVSS5.6AI score0.00222EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2020/04/02 2:8 p.m.32 views

CVE-2019-9815

If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...

8.1CVSS1AI score0.01828EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/12/10 12:0 a.m.28 views

EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2019-2369)

According to the versions of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different retu...

9.8CVSS6.6AI score0.08426EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/05/29 12:0 a.m.30 views

EulerOS 2.0 SP5 : 389-ds-base (EulerOS-SA-2019-1562)

According to the version of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most...

7.5CVSS6.3AI score0.08426EPSS
Exploits0References2
OSV
OSV
added 2019/04/17 2:29 p.m.1 views

DEBIAN-CVE-2019-3883

In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are not taking this timeout into account during...

7.5CVSS6.9AI score0.08426EPSS
Exploits0References1
Kitploit
Kitploit
added 2018/10/15 9:7 p.m.75 views

Nameles - Open Source Entropy Based Invalid Traffic Detection And Pre-Bid Filtering

Nameles provides an easy to deploy, scalable IVT detection and filtering solution that is proven to detect at a high level of accuracy ad fraud and other types of invalid traffic such as web scraping. For a high level overview you might want to check out the website If you have any questions or...

7AI score
Exploits0References5
NVD
NVD
added 2018/03/09 7:29 p.m.17 views

CVE-2018-7998

In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vipsregiongenerate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race conditi...

7.5CVSS7.3AI score0.0188EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2016/02/17 12:0 a.m.37 views

Oracle Linux 7 : 389-ds-base (ELSA-2016-0204)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-0204 advisory. - Resolves: bug 1299757 - CVE-2016-0741 389-ds-base: Worker threads do not detect abnormally closed connections causing DoS Tenable has extracted the preceding...

7.8CVSS7.5AI score0.0399EPSS
Exploits0References2
Apache Httpd
Apache Httpd
added 2016/02/02 12:0 a.m.67 views

Apache Httpd < 2.4.20 : mod_http2: denial of service by thread starvation

By manipulating the flow control windows on streams, a client was able to block server threads for long times, causing starvation of worker threads. Connections could still be opened, but no streams where processed for these. This issue affected HTTP/2 support in 2.4.17 and 2.4.18...

5.9CVSS1.1AI score0.15327EPSS
Exploits0Affected Software1
canvas
canvas
added 2015/02/02 7:59 p.m.48 views

Immunity Canvas: ADOBE_FLASH_DOMAINMEMORY_UAF

Name| adobeflashdomainMemoryuaf ---|--- CVE| CVE-2015-0313 Exploit Pack| CANVAS Description| adobeflashdomainMemoryuaf Notes| CVE Name: CVE-2015-0313 VENDOR: Adobe Notes: This module exploits a use-after free vulnerability on the Flash handling of the ApplicationDomain.currentDomain.domainMemory...

10CVSS9AI score0.95683EPSS
Exploits9
PyPA
PyPA
added 2010/09/08 8:0 p.m.9 views

PYSEC-2010-33

Withdrawn as duplicate of PYSEC-2010-32 ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service crash of worker threads via vectors that trigger uncaught exceptions...

4.3CVSS6AI score0.01528EPSS
Exploits1References7
Prion
Prion
added 2010/09/08 8:0 p.m.21 views

Code injection

ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service crash of worker threads via vectors that trigger uncaught exceptions...

4.3CVSS7.1AI score0.01528EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2009/12/15 12:0 a.m.43 views

Monkey HTTPd improper input validation vulnerability

census ID: census-2009-0004 URL: http://census-labs.com/news/2009/12/14/monkey-httpd/ CVE ID: Pending Affected Products: Monkey web server versions ? 0.9.2. Class: Improper Input Validation CWE-20, Incorrect Calculation CWE-682 Remote: Yes Discovered by: Patroklos Argyroudis We have discovered a...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2009/12/15 12:0 a.m.42 views

Monkey Web Server Denial Of Service

census ID: census-2009-0004 URL: http://census-labs.com/news/2009/12/14/monkey-httpd/ CVE ID: Pending Affected Products: Monkey web server versions ≤ 0.9.2. Class: Improper Input Validation CWE-20, Incorrect Calculation CWE-682 Remote: Yes Discovered by: Patroklos Argyroudis We have discovered a...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2000/01/04 5:0 a.m.25 views

CVE-1999-0723

The Windows NT Client Server Runtime Subsystem CSRSS can be subjected to a denial of service when all worker threads are waiting for user input...

6.5AI score0.08084EPSS
Exploits0References4
NVD
NVD
added 1999/06/23 4:0 a.m.19 views

CVE-1999-0723

The Windows NT Client Server Runtime Subsystem CSRSS can be subjected to a denial of service when all worker threads are waiting for user input...

7.1CVSS6.5AI score0.08084EPSS
Exploits0References4
Rows per page
Query Builder