Max CVSS 7.8 Min CVSS 4.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-11080 5.0
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings e
16-10-2023 - 18:15 03-06-2020 - 23:15
CVE-2019-0197 4.9
A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection cou
07-09-2022 - 17:36 11-06-2019 - 22:29
CVE-2019-15903 5.0
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-r
28-07-2022 - 11:23 04-09-2019 - 06:15
CVE-2020-7595 5.0
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
25-07-2022 - 18:15 21-01-2020 - 23:15
CVE-2019-20388 5.0
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
25-07-2022 - 18:15 21-01-2020 - 23:15
CVE-2020-1934 5.0
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
26-04-2022 - 17:05 01-04-2020 - 20:15
CVE-2018-20843 7.8
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
18-04-2022 - 17:17 24-06-2019 - 17:15
CVE-2019-19956 5.0
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
21-07-2021 - 11:39 24-12-2019 - 16:15
CVE-2019-0196 5.0
A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request
06-06-2021 - 11:15 11-06-2019 - 22:29
Back to Top Mark selected
Back to Top