Total
1999 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45163 | 2024-08-22 | N/A | 9.1 CRITICAL | ||
| The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Unauthenticated sessions remain open, causing resource consumption. For example, an attacker can send a recognized username (such as root), or can send arbitrary data. | |||||
| CVE-2024-45166 | 2024-08-22 | N/A | 9.8 CRITICAL | ||
| An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (DoS) attacks and possibly remote code execution. There is an access violation and EIP overwrite after five logins. | |||||
| CVE-2024-42950 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-21 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-43380 | 1 Floraison | 1 Fugit | 2024-08-21 | N/A | 7.5 HIGH |
| fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1. | |||||
| CVE-2024-41727 | 1 F5 | 23 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 20 more | 2024-08-20 | N/A | 7.5 HIGH |
| In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2024-4781 | 2024-08-19 | N/A | 6.5 MEDIUM | ||
| A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted. | |||||
| CVE-2024-6004 | 2024-08-19 | N/A | 6.5 MEDIUM | ||
| A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted. | |||||
| CVE-2024-5209 | 2024-08-19 | N/A | 6.5 MEDIUM | ||
| A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted. | |||||
| CVE-2024-5210 | 2024-08-19 | N/A | 6.5 MEDIUM | ||
| A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted. | |||||
| CVE-2024-4782 | 2024-08-19 | N/A | 6.5 MEDIUM | ||
| A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer's functionality until a manual system reboot occurs. | |||||
| CVE-2024-38168 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2024-08-16 | N/A | 7.5 HIGH |
| .NET and Visual Studio Denial of Service Vulnerability | |||||
| CVE-2024-42981 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-42980 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-42969 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-42951 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the mit_pptpusrpw parameter in the fromWizardHandle function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-42943 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-7567 | 2024-08-14 | N/A | N/A | ||
| A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation Micro850/870 (2080 -L50E/2080 -L70E). If exploited, the CIP/Modbus communication may be disrupted for short duration. | |||||
| CVE-2022-4003 | 1 Motorola | 2 Q14, Q14 Firmware | 2024-08-13 | N/A | 6.5 MEDIUM |
| A denial-of-service vulnerability could allow an authenticated user to trigger an internal service restart via a specially crafted API request. | |||||
| CVE-2024-30170 | 1 Ssh | 1 Privx | 2024-08-12 | N/A | 9.1 CRITICAL |
| PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later, | |||||