Page 54 of 38455 results (0.041 seconds)

CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0

Uploading multiple such requests in parallel may be enough to render a service practically unusable, even if reasonable request size limits are enforced by a reverse proxy in front of Starlette. This Denial of service (DoS) vulnerability affects all applications built with Starlette (or FastAPI) accepting form requests. • https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw https://github.com/encode/starlette/commit/fd038f3070c302bff17ef7d173dbb0b007617733 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0

Improper regular expression in Vue's parseHTML function leads to a potential regular expression denial of service vulnerability. • https://www.herodevs.com/vulnerability-directory/cve-2024-9506 • CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). • https://access.redhat.com/errata/RHSA-2024:8418 https://access.redhat.com/errata/RHSA-2024:8428 https://access.redhat.com/errata/RHSA-2024:8437 https://access.redhat.com/errata/RHSA-2024:8686 https://access.redhat.com/errata/RHSA-2024:8690 https://access.redhat.com/errata/RHSA-2024:8694 https://access.redhat.com/errata/RHSA-2024:8700 https://access.redhat.com/errata/RHSA-2024:8984 https://access.redhat.com/errata/RHSA-2024:9051 https://access.redhat.com/errata/RHSA • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices. Los dispositivos contienen dos cuentas de usuario codificadas con contraseñas codificadas que permiten a un atacante remoto no autenticado tener control total de los dispositivos afectados. • https://cert.vde.com/en/advisories/VDE-2024-056 https://cert.vde.com/en/advisories/VDE-2024-066 • CWE-798: Use of Hard-coded Credentials •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service(DoS) via a crafted request. • https://gist.github.com/pengwGit/26fd8630392af5d8829c2e220091ac4f • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •