AWebServer GhostBuilding 18 contains a denial of service vulnerability that allows remote attackers to overwhelm the server by sending multiple concurrent HTTP requests. Attackers can generate high-vo
Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary SQL queries. Attackers can s
An issue in Technitium DNS Server v.13.5 allows a remote attacker to cause a denial of service via the rate-limiting component
A vulnerability in the CivetWeb library's function mg_handle_form_request allows remote attackers to trigger a denial of service (DoS) condition. By sending a specially crafted HTTP POST request conta
Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.
yubiserver before 0.6 is prone to SQL injection issues, potentially leading to an authentication bypass.
A vulnerability classified as critical was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This vulnerability affects unknown code of the file /WEAS_HomePage/GetAreaTrendChart
The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker can craft a special GET request with an over-long content-length to trigger the issue without affecting
A vulnerability has been found in ghostxbh uzy-ssm-mall 1.0.0 and classified as critical. This vulnerability affects the function ForeProductListController of the file /mall/product/0/20. The manipula
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.
Ghost is a Node.js content management system. In versions 5.90.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's /ghost/api/admin/members/events endpoint allows users with authent
A Command Injection issue in the payload build page in BYOB (Build Your Own Botnet) 2.0 allows attackers to execute arbitrary commands on the server via a crafted build parameter. This occurs in freez
A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or execute arbitrary cod
A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPrese
Ghost is an open source content management system. In Ghost versions 5.43.0 through 5.12.04 and 6.0.0 through 6.14.0, an attacker was able to craft a malicious link that, when accessed by an authentic
ProFTPD 1.3.7a contains a denial of service vulnerability that allows attackers to overwhelm the server by creating multiple simultaneous FTP connections. Attackers can repeatedly establish connection
An attacker could exploit the vulnerability by
injecting garbage data or specially crafted data. Depending on the data injected each process might be
affected differently. The process could crash or c
WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows unauthenticated attackers to exhaust server resources by sending batched GraphQL queries with duplicated fields.
HackerOne community member Dang Hung Vi (vidang04) has reported an uncontrolled resource consumption vulnerability in the “userlog-index.php”. An attacker with access to the admin interface could requ
A denial-of-service security issue exists in the affected product and version. The security issue stems from a high number of requests sent to the web server. This could result in a web server crash h
Page 1+ Next →