Total
2188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21543 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 8.1 HIGH |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | |||||
| CVE-2023-21339 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
| In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21280 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21253 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21240 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-20176 | 1 Cisco | 10 Catalyst 9124, Catalyst 9124 Firmware, Catalyst 9130 and 7 more | 2024-11-21 | N/A | 5.8 MEDIUM |
| A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an affected device as a wireless client and sending a high rate of traffic over an extended period of time. A successful exploit could allow the attacker to cause the Datagram TLS (DTLS) session to tear down and reset, causing a denial of service (DoS) condition. | |||||
| CVE-2023-20014 | 1 Cisco | 1 Nexus Dashboard | 2024-11-21 | N/A | 7.5 HIGH |
| A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vulnerability by sending a continuous stream of DNS requests to an affected device. A successful exploit could allow the attacker to cause the coredns service to stop working or cause the device to reload, resulting in a DoS condition. | |||||
| CVE-2023-1654 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
| Denial of Service in GitHub repository gpac/gpac prior to 2.4.0. | |||||
| CVE-2023-1605 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6. | |||||
| CVE-2023-1206 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-11-21 | N/A | 5.7 MEDIUM |
| A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%. | |||||
| CVE-2023-1072 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A | 4.3 MEDIUM |
| An issue has been discovered in GitLab affecting all versions starting from 9.0 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible to trigger a resource depletion attack due to improper filtering for number of requests to read commits details. | |||||
| CVE-2023-0384 | 1 M-files | 1 M-files Server | 2024-11-21 | N/A | 6.5 MEDIUM |
| User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption for a scheduled job. | |||||
| CVE-2023-0383 | 1 M-files | 1 M-files Server | 2024-11-21 | N/A | 7.5 HIGH |
| User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption. | |||||
| CVE-2023-0382 | 1 M-files | 1 M-files Server | 2024-11-21 | N/A | 6.5 MEDIUM |
| User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption. | |||||
| CVE-2022-4896 | 1 Cbm | 1 Control De Ciber | 2024-11-21 | N/A | 8.2 HIGH |
| Cyber Control, in its 1.650 version, is affected by a vulnerability in the generation on the server of pop-up windows with the messages "PNTMEDIDAS", "PEDIR", "HAYDISCOA" or "SPOOLER". A complete denial of service can be achieved by sending multiple requests simultaneously on a core. | |||||
| CVE-2022-4767 | 1 Usememos | 1 Memos | 2024-11-21 | N/A | 7.5 HIGH |
| Denial of Service in GitHub repository usememos/memos prior to 0.9.1. | |||||
| CVE-2022-48571 | 1 Memcached | 1 Memcached | 2024-11-21 | N/A | 7.5 HIGH |
| memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP. | |||||
| CVE-2022-48564 | 2 Netapp, Python | 2 Active Iq Unified Manager, Python | 2024-11-21 | N/A | 6.5 MEDIUM |
| read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. | |||||
| CVE-2022-48474 | 1 Cbm | 1 Control De Ciber | 2024-11-21 | N/A | 8.2 HIGH |
| Control de Ciber, in its 1.650 version, is affected by a Denial of Service condition through the version function. Sending a malicious request could cause the server to check if an unrecognized component is up to date, causing a memory failure error that shuts down the process. | |||||
| CVE-2022-48063 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A | 5.5 MEDIUM |
| GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | |||||