Page 53 of 38332 results (0.157 seconds)

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0

When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. • https://github.com/hyperium/tonic/commit/a4472a86f3290e60c7c01348b7e6a8164d6e7e48 https://github.com/hyperium/tonic/issues/1897 https://github.com/hyperium/tonic/security/advisories/GHSA-4jwc-w2hc-78qv • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 3.1EPSS: 0%CPEs: -EXPL: 0

A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. ... The Mozilla Foundation's Security Advisory: A website configured to initiate a specially crafted WebTransport session could crash the Firefox process, leading to a denial of service condition. • https://bugzilla.mozilla.org/show_bug.cgi?id=1907726 https://www.mozilla.org/security/advisories/mfsa2024-46 https://www.mozilla.org/security/advisories/mfsa2024-47 https://www.mozilla.org/security/advisories/mfsa2024-49 https://www.mozilla.org/security/advisories/mfsa2024-50 https://access.redhat.com/security/cve/CVE-2024-9399 https://bugzilla.redhat.com/show_bug.cgi?id=2315945 • CWE-404: Improper Resource Shutdown or Release CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0

A successful exploit of this vulnerability may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5565 • CWE-125: Out-of-bounds Read •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service. • https://www.twcert.org.tw/tw/cp-132-8057-1b3fa-1.html https://www.twcert.org.tw/en/cp-139-8058-cc391-2.html • CWE-400: Uncontrolled Resource Consumption CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service. • https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-400: Uncontrolled Resource Consumption •