The HTTP/2 protocol allows a denial of service (server resource consumption) because request ca…

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) al…

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2…

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in …

HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the…

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an…

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This al…

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to gen…

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' …

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amp…

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.…

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial…

The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 …

An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount…

Envoy is a cloud-native, open-source edge and service proxy. In versions 1.29.0 and 1.29.1, the…

nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 lib…

A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.…

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is …

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of s…

amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit u…

The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is sk…

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of…

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial o…

Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (…

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC throug…

Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting …

Zoho ManageEngine ADSelfService Plus before 6218 allows anyone to conduct a Denial-of-Service a…

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty…

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing th…

XStream is a Java library to serialize objects to XML and back again. In XStream before version…

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service atta…

The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to c…

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number…

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue…

The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authentica…

In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource c…

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustio…

The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted stre…

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to…

The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0…