CVE-2019-1559
- EPSS 5.05%
- Published 27.02.2019 23:29:00
- Last modified 21.11.2024 04:36:48
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid...
CVE-2018-18065
- EPSS 4.29%
- Published 08.10.2018 18:29:00
- Last modified 21.11.2024 03:55:25
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2018-18066
- EPSS 0.59%
- Published 08.10.2018 18:29:00
- Last modified 06.05.2025 15:15:54
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2018-1000656
- EPSS 0.43%
- Published 20.08.2018 19:31:45
- Last modified 21.11.2024 03:40:20
The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attack...
CVE-2018-12538
- EPSS 0.43%
- Published 22.06.2018 19:29:00
- Last modified 21.11.2024 03:45:23
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatche...