Total
2191 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28204 | 1 Mediawiki | 1 Mediawiki | 2025-05-29 | N/A | 7.5 HIGH |
| A denial-of-service issue was discovered in MediaWiki 1.37.x before 1.37.2. Rendering of w/index.php?title=Special%3AWhatLinksHere&target=Property%3AP31&namespace=1&invert=1 can take more than thirty seconds. There is a DDoS risk. | |||||
| CVE-2022-28639 | 2 Hp, Hpe | 77 Apollo 4200 Gen10 Server, Apollo 4500, Apollo R2000 Chassis and 74 more | 2025-05-29 | N/A | 8.8 HIGH |
| A remote potential adjacent denial of service (DoS) and potential adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these security vulnerabilities. | |||||
| CVE-2023-48834 | 1 Phpjabbers | 1 Car Rental Script | 2025-05-28 | N/A | 7.5 HIGH |
| A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion. | |||||
| CVE-2022-37884 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2025-05-28 | N/A | 7.5 HIGH |
| A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. A successful exploitation of this vulnerability results in the unavailability of the guest interface in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2021-21348 | 6 Apache, Debian, Fedoraproject and 3 more | 16 Activemq, Jmeter, Debian Linux and 13 more | 2025-05-23 | 7.8 HIGH | 5.3 MEDIUM |
| XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. | |||||
| CVE-2021-21341 | 6 Apache, Debian, Fedoraproject and 3 more | 13 Activemq, Jmeter, Debian Linux and 10 more | 2025-05-23 | 7.1 HIGH | 7.5 HIGH |
| XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. | |||||
| CVE-2022-32790 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2025-05-22 | N/A | 7.5 HIGH |
| This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, Security Update 2022-004 Catalina. A remote user may be able to cause a denial-of-service. | |||||
| CVE-2023-41151 | 2 Microsoft, Softing | 4 Windows, Opc, Opc Ua C\+\+ Software Development Kit and 1 more | 2025-05-22 | N/A | 7.5 HIGH |
| An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing. | |||||
| CVE-2025-41227 | 2025-05-21 | N/A | 5.5 MEDIUM | ||
| VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition. | |||||
| CVE-2025-41226 | 2025-05-21 | N/A | 6.8 MEDIUM | ||
| VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled. | |||||
| CVE-2025-5031 | 2025-05-21 | 2.6 LOW | 3.1 LOW | ||
| A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-34326 | 1 Realtek | 2 Rtl8195am, Rtl8195am Firmware | 2025-05-21 | N/A | 7.5 HIGH |
| In ambiot amb1_sdk (aka SDK for Ameba1) before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi-Fi connection (with four-way handshake) failures in Soft AP mode. | |||||
| CVE-2024-33774 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2025-05-21 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanSetup_Wizard allows remote authenticated users to trigger a denial of service (DoS) through the parameter "webpage." | |||||
| CVE-2025-29954 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-05-19 | N/A | 5.9 MEDIUM |
| Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | |||||
| CVE-2025-29957 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-19 | N/A | 6.2 MEDIUM |
| Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally. | |||||
| CVE-2025-26677 | 1 Microsoft | 5 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 2 more | 2025-05-19 | N/A | 7.5 HIGH |
| Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network. | |||||
| CVE-2023-49550 | 1 Cesanta | 1 Mjs | 2025-05-16 | N/A | 7.5 HIGH |
| An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component. | |||||
| CVE-2025-20057 | 2025-05-16 | N/A | 3.5 LOW | ||
| Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2025-20616 | 2025-05-16 | N/A | 5.5 MEDIUM | ||
| Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2025-20084 | 2025-05-16 | N/A | 3.5 LOW | ||
| Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access. | |||||