Total
2188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1787 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 4.3 MEDIUM |
| An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description. | |||||
| CVE-2023-1733 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 5.8 MEDIUM |
| A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1. | |||||
| CVE-2023-1071 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 3.1 LOW |
| An issue has been discovered in GitLab affecting all versions from 15.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. Due to improper permissions checks it was possible for an unauthorised user to remove an issue from an epic. | |||||
| CVE-2025-25186 | 2025-02-10 | N/A | 6.5 MEDIUM | ||
| Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in `net-imap`'s response parser. At any time while the client is connected, a malicious server can send can send highly compressed `uid-set` data which is automatically read by the client's receiver thread. The response parser uses `Range#to_a` to convert the `uid-set` data into arrays of integers, with no limitation on the expanded size of the ranges. Versions 0.3.8, 0.4.19, 0.5.6, and higher fix this issue. Additional details for proper configuration of fixed versions and backward compatibility are available in the GitHub Security Advisory. | |||||
| CVE-2023-27643 | 1 Powerampapp | 1 Poweramp | 2025-02-10 | N/A | 7.5 HIGH |
| An issue found in POWERAMP 925-bundle-play and Poweramp 954-uni allows a remote attacker to cause a denial of service via the Rescan button in Queue and Select Folders button in Library | |||||
| CVE-2024-39557 | 1 Juniper | 1 Junos Os Evolved | 2025-02-07 | N/A | 6.5 MEDIUM |
| An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS). Certain MAC table updates cause a small amount of memory to leak. Once memory utilization reaches its limit, the issue will result in a system crash and restart. To identify the issue, execute the CLI command: user@device> show platform application-info allocations app l2ald-agent EVL Object Allocation Statistics: Node Application Context Name Live Allocs Fails Guids re0 l2ald-agent net::juniper::rtnh::L2Rtinfo 1069096 1069302 0 1069302 re0 l2ald-agent net::juniper::rtnh::NHOpaqueTlv 114 195 0 195 This issue affects Junos OS Evolved: * All versions before 21.4R3-S8-EVO, * from 22.2-EVO before 22.2R3-S4-EVO, * from 22.3-EVO before 22.3R3-S3-EVO, * from 22.4-EVO before 22.4R3-EVO, * from 23.2-EVO before 23.2R2-EVO. | |||||
| CVE-2023-30635 | 1 Tikv | 1 Tikv | 2025-02-07 | N/A | 7.5 HIGH |
| TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error) upon an attempt to get a timestamp from the Placement Driver. | |||||
| CVE-2022-40946 | 1 Dlink | 2 Dir-819, Dir-819 Firmware | 2025-02-06 | N/A | 7.5 HIGH |
| On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices, it is possible to trigger a Denial of Service via the sys_token parameter in a cgi-bin/webproc?getpage=html/index.html request. | |||||
| CVE-2021-39295 | 1 Openbmc-project | 1 Openbmc | 2025-02-06 | N/A | 7.5 HIGH |
| In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface. | |||||
| CVE-2023-27652 | 1 Egostudiogroup | 1 Super Clean | 2025-02-05 | N/A | 5.5 MEDIUM |
| An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges cause a denial of service via the update_info field of the _default_.xml file. | |||||
| CVE-2022-30691 | 1 Intel | 1 Support | 2025-02-05 | N/A | 5.9 MEDIUM |
| Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-21090 | 1 Google | 1 Android | 2025-02-05 | N/A | 5.0 MEDIUM |
| In parseUsesPermission of ParsingPackageUtils.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259942609 | |||||
| CVE-2023-30408 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | N/A | 5.5 MEDIUM |
| Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry. | |||||
| CVE-2023-30406 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | N/A | 5.5 MEDIUM |
| Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c. | |||||
| CVE-2022-24109 | 1 Opennetworking | 1 Onos | 2025-02-05 | N/A | 6.5 MEDIUM |
| An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote attacker can install a duplicate intent with a different key, and then remove the duplicate one. This will remove the flow rules of the intent, even though the intent still exists in the controller. | |||||
| CVE-2022-24035 | 1 Opennetworking | 1 Onos | 2025-02-05 | N/A | 7.5 HIGH |
| An issue was discovered in ONOS 2.5.1. The purge-requested intent remains on the list, but it does not respond to changes in topology (e.g., link failure). In combination with other applications, it could lead to a failure of network management. | |||||
| CVE-2023-29479 | 1 Ribose | 1 Rnp | 2025-02-04 | N/A | 5.3 MEDIUM |
| Ribose RNP before 0.16.3 may hang when the input is malformed. | |||||
| CVE-2024-0157 | 1 Dell | 2 Storage Monitoring And Reporting, Storage Resource Manager | 2025-02-04 | N/A | 5.9 MEDIUM |
| Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM Windows Host Agent. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to the hijack of a targeted user's application session. | |||||
| CVE-2024-47239 | 1 Dell | 1 Powerscale Onefs | 2025-02-04 | N/A | 6.5 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2024-23450 | 1 Elastic | 1 Elasticsearch | 2025-02-04 | N/A | 4.9 MEDIUM |
| A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash. | |||||