Total
1942 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40946 | 1 Dlink | 2 Dir-819, Dir-819 Firmware | 2025-02-06 | N/A | 7.5 HIGH |
| On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices, it is possible to trigger a Denial of Service via the sys_token parameter in a cgi-bin/webproc?getpage=html/index.html request. | |||||
| CVE-2021-39295 | 1 Openbmc-project | 1 Openbmc | 2025-02-06 | N/A | 7.5 HIGH |
| In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface. | |||||
| CVE-2023-27652 | 1 Egostudiogroup | 1 Super Clean | 2025-02-05 | N/A | 5.5 MEDIUM |
| An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges cause a denial of service via the update_info field of the _default_.xml file. | |||||
| CVE-2022-30691 | 1 Intel | 1 Support | 2025-02-05 | N/A | 5.9 MEDIUM |
| Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2024-7592 | 1 Python | 1 Python | 2025-02-05 | N/A | 7.5 HIGH |
| There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value. | |||||
| CVE-2023-21090 | 1 Google | 1 Android | 2025-02-05 | N/A | 5.0 MEDIUM |
| In parseUsesPermission of ParsingPackageUtils.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259942609 | |||||
| CVE-2025-21087 | 2025-02-05 | N/A | 7.5 HIGH | ||
| When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2025-20058 | 2025-02-05 | N/A | 7.5 HIGH | ||
| When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2023-30408 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | N/A | 5.5 MEDIUM |
| Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry. | |||||
| CVE-2023-30406 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | N/A | 5.5 MEDIUM |
| Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c. | |||||
| CVE-2022-24109 | 1 Opennetworking | 1 Onos | 2025-02-05 | N/A | 6.5 MEDIUM |
| An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote attacker can install a duplicate intent with a different key, and then remove the duplicate one. This will remove the flow rules of the intent, even though the intent still exists in the controller. | |||||
| CVE-2022-24035 | 1 Opennetworking | 1 Onos | 2025-02-05 | N/A | 7.5 HIGH |
| An issue was discovered in ONOS 2.5.1. The purge-requested intent remains on the list, but it does not respond to changes in topology (e.g., link failure). In combination with other applications, it could lead to a failure of network management. | |||||
| CVE-2024-53851 | 2025-02-04 | N/A | 4.3 MEDIUM | ||
| Discourse is an open source platform for community discussion. In affected versions the endpoint for generating inline oneboxes for URLs wasn't enforcing limits on the number of URLs that it accepted, allowing a malicious user to inflict denial of service on some parts of the app. This vulnerability is only exploitable by authenticated users. This issue has been patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. Users unable to upgrade should turn off the `enable inline onebox on all domains` site setting and remove all entries from the `allowed inline onebox domains` site setting. | |||||
| CVE-2023-29479 | 1 Ribose | 1 Rnp | 2025-02-04 | N/A | 5.3 MEDIUM |
| Ribose RNP before 0.16.3 may hang when the input is malformed. | |||||
| CVE-2024-53299 | 2025-02-04 | N/A | 6.5 MEDIUM | ||
| The request handling in the core in Apache Wicket 7.0.0 on any platform allows an attacker to create a DOS via multiple requests to server resources. Users are recommended to upgrade to versions 9.19.0 or 10.3.0, which fixes this issue. | |||||
| CVE-2024-0157 | 1 Dell | 2 Storage Monitoring And Reporting, Storage Resource Manager | 2025-02-04 | N/A | 5.9 MEDIUM |
| Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM Windows Host Agent. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to the hijack of a targeted user's application session. | |||||
| CVE-2024-47239 | 1 Dell | 1 Powerscale Onefs | 2025-02-04 | N/A | 6.5 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2024-23450 | 1 Elastic | 1 Elasticsearch | 2025-02-04 | N/A | 4.9 MEDIUM |
| A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash. | |||||
| CVE-2024-54677 | 2025-01-31 | N/A | 5.3 MEDIUM | ||
| Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. | |||||
| CVE-2024-47554 | 2025-01-31 | N/A | 4.3 MEDIUM | ||
| Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue. | |||||