Total
2079 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20692 | 1 Cisco | 1 Ios Xe | 2024-11-21 | 6.8 MEDIUM | 7.7 HIGH |
| A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to insufficient resource management. An attacker could exploit this vulnerability by initiating a large number of NETCONF over SSH connections. A successful exploit could allow the attacker to exhaust resources, causing the device to reload and resulting in a DoS condition on an affected device. | |||||
| CVE-2022-20425 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of performance due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-235823407 | |||||
| CVE-2022-1982 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Uncontrolled resource consumption in Mattermost version 6.6.0 and earlier allows an authenticated attacker to crash the server via a crafted SVG attachment on a post. | |||||
| CVE-2022-1797 | 1 Rockwellautomation | 18 Compact Guardlogix 5370, Compact Guardlogix 5370 Firmware, Compact Guardlogix 5380 and 15 more | 2024-11-21 | 7.8 HIGH | 6.8 MEDIUM |
| A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online. | |||||
| CVE-2022-1699 | 1 Organizr | 1 Organizr | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. | |||||
| CVE-2022-1677 | 1 Redhat | 1 Openshift Container Platform | 2024-11-21 | N/A | 6.3 MEDIUM |
| In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. This malformed entry can match any arbitrary hostname, or all hostnames in the cluster, and direct traffic to an arbitrary application within the cluster, including one under attacker control. | |||||
| CVE-2022-1468 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| On all versions of 17.0.x, 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x on F5 BIG-IP, an authenticated iControl REST user with at least guest role privileges can cause processing delays to iControl REST requests via undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2022-1259 | 2 Netapp, Redhat | 10 Active Iq Unified Manager, Cloud Secure Agent, Oncommand Insight and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
| A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629. | |||||
| CVE-2022-1099 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to impact the performance of GitLab | |||||
| CVE-2022-0695 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. | |||||
| CVE-2022-0671 | 1 Redhat | 1 Vscode-xml | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file. | |||||
| CVE-2022-0489 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was possible to trigger a DOS by using the math feature with a specific formula in issue comments. | |||||
| CVE-2022-0488 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10. It was possible to trigger a timeout on a page with markdown by using a specific amount of block-quotes. | |||||
| CVE-2022-0476 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. | |||||
| CVE-2021-46668 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. | |||||
| CVE-2021-46149 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. A denial of service (resource consumption) can be accomplished by searching for a very long key in a Language Name Search. | |||||
| CVE-2021-44716 | 3 Debian, Golang, Netapp | 3 Debian Linux, Go, Cloud Insights Telegraf | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. | |||||
| CVE-2021-44686 | 2 Calibre-ebook, Fedoraproject | 2 Calibre, Fedora | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py. | |||||
| CVE-2021-44527 | 1 Ui | 1 Unifi Switch Firmware | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the affected switch.This vulnerability is fixed in UniFi Switch firmware 5.76.6 and later. | |||||
| CVE-2021-43933 | 1 Fanuc | 1 Roboguide | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The affected product is vulnerable to a network-based attack by threat actors sending unimpeded requests to the receiving server, which could cause a denial-of-service condition due to lack of heap memory resources. | |||||