Total
2114 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-1953 | 1 Mattermost | 1 Mattermost Server | 2024-12-13 | N/A | 4.3 MEDIUM |
| Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the server to run out of memory and crash by issuing an unusually large HTTP request. | |||||
| CVE-2024-28053 | 1 Mattermost | 1 Mattermost Server | 2024-12-13 | N/A | 3.1 LOW |
| Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 fails to limit the size of the payload that can be read and parsed allowing an attacker to send a very large email payload and crash the server. | |||||
| CVE-2024-2446 | 1 Mattermost | 1 Mattermost Server | 2024-12-13 | N/A | 4.3 MEDIUM |
| Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to limit the number of @-mentions processed per message, allowing an authenticated attacker to crash the client applications of other users via large, crafted messages. | |||||
| CVE-2018-12122 | 2 Nodejs, Suse | 4 Node.js, Suse Enterprise Storage, Suse Linux Enterprise Server and 1 more | 2024-12-13 | 5.0 MEDIUM | 7.5 HIGH |
| Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. | |||||
| CVE-2024-11835 | 2024-12-13 | N/A | N/A | ||
| Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue affects PlexTrac: from 1.61.3 before 2.8.1. | |||||
| CVE-2024-12579 | 2024-12-13 | N/A | 5.3 MEDIUM | ||
| The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression. This makes it possible for unauthenticated attackers to create comments that can cause catastrophic backtracking and break pages. | |||||
| CVE-2024-28949 | 1 Mattermost | 1 Mattermost Server | 2024-12-12 | N/A | 4.3 MEDIUM |
| Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of service. | |||||
| CVE-2024-27874 | 1 Apple | 2 Ipados, Iphone Os | 2024-12-12 | N/A | 7.5 HIGH |
| This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A remote attacker may be able to cause a denial-of-service. | |||||
| CVE-2023-20268 | 1 Cisco | 7 Business 150ax, Business 150ax Firmware, Business 151axm and 4 more | 2024-12-12 | N/A | 4.7 MEDIUM |
| A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An attacker could exploit this vulnerability by sending a series of specific wireless packets to an affected device. A successful exploit could allow the attacker to consume resources on an affected device. A sustained attack could lead to the disruption of the Control and Provisioning of Wireless Access Points (CAPWAP) tunnel and intermittent loss of wireless client traffic. | |||||
| CVE-2024-40841 | 1 Apple | 1 Macos | 2024-12-12 | N/A | 5.5 MEDIUM |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted video file may lead to unexpected app termination. | |||||
| CVE-2023-36606 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2023-36579 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2023-36431 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2023-34166 | 1 Huawei | 1 Emui | 2024-12-12 | N/A | 7.5 HIGH |
| Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful exploitation of this vulnerability may cause the system to restart. | |||||
| CVE-2023-31348 | 1 Amd | 1 Uprof | 2024-12-12 | N/A | 7.3 HIGH |
| A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | |||||
| CVE-2024-44160 | 1 Apple | 1 Macos | 2024-12-11 | N/A | 5.5 MEDIUM |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination. | |||||
| CVE-2024-44169 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-11 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. An app may be able to cause unexpected system termination. | |||||
| CVE-2024-27862 | 1 Apple | 1 Macos | 2024-12-10 | N/A | 2.4 LOW |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.6. Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled. | |||||
| CVE-2024-23265 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-09 | N/A | 7.8 HIGH |
| A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-5625 | 1 Redhat | 6 Enterprise Linux, Openshift Container Platform For Arm64, Openshift Container Platform For Linuxone and 3 more | 2024-12-06 | N/A | 5.3 MEDIUM |
| A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products. | |||||