Total
1356 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0121 | 1 Gitlab | 1 Gitlab | 2025-01-07 | N/A | 6.5 MEDIUM |
| A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13.2.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2 which allows an attacker to cause high resource consumption using malicious test report artifacts. | |||||
| CVE-2023-29767 | 1 Appcrossx | 1 Crossx | 2025-01-06 | N/A | 5.5 MEDIUM |
| An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause a persistent denial of service via the database files. | |||||
| CVE-2024-54538 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-01-06 | N/A | 7.5 HIGH |
| A denial-of-service issue was addressed with improved input validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, tvOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, macOS Ventura 13.7.1. A remote attacker may be able to cause a denial-of-service. | |||||
| CVE-2024-49767 | 1 Palletsprojects | 2 Quart, Werkzeug | 2025-01-03 | N/A | 7.5 HIGH |
| Werkzeug is a Web Server Gateway Interface web application library. Applications using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug prior to 3.0.6 to parse `multipart/form-data` requests (e.g. all flask applications) are vulnerable to a relatively simple but effective resource exhaustion (denial of service) attack. A specifically crafted form submission request can cause the parser to allocate and block 3 to 8 times the upload size in main memory. There is no upper limit; a single upload at 1 Gbit/s can exhaust 32 GB of RAM in less than 60 seconds. Werkzeug version 3.0.6 fixes this issue. | |||||
| CVE-2024-56319 | 2024-12-31 | N/A | 7.5 HIGH | ||
| In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user label appends in a userlabel cluster can lead to a denial of service (resource exhaustion). | |||||
| CVE-2023-21144 | 1 Google | 1 Android | 2024-12-18 | N/A | 7.5 HIGH |
| In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252766417 | |||||
| CVE-2024-44241 | 1 Apple | 2 Ipados, Iphone Os | 2024-12-18 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware. | |||||
| CVE-2024-43083 | 1 Google | 1 Android | 2024-12-17 | N/A | 5.5 MEDIUM |
| In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-31314 | 1 Google | 1 Android | 2024-12-17 | N/A | 5.5 MEDIUM |
| In multiple functions of ShortcutService.java, there is a possible persistent DOS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-30903 | 1 Hp | 1 Hp-ux | 2024-12-17 | N/A | 5.5 MEDIUM |
| HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6. | |||||
| CVE-2022-34357 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-12-17 | N/A | 6.5 MEDIUM |
| IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a period of time making service unavailable for other legitimate users. IBM X-Force ID: 230510. | |||||
| CVE-2024-0026 | 1 Google | 1 Android | 2024-12-17 | N/A | 5.5 MEDIUM |
| In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-0027 | 1 Google | 1 Android | 2024-12-17 | N/A | 5.5 MEDIUM |
| In multiple functions of SnoozeHelper.java, there is a possible way to cause a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-2874 | 1 Gitlab | 1 Gitlab | 2024-12-16 | N/A | 6.5 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1. A runner registered with a crafted description has the potential to disrupt the loading of targeted GitLab web resources. | |||||
| CVE-2024-1953 | 1 Mattermost | 1 Mattermost Server | 2024-12-13 | N/A | 4.3 MEDIUM |
| Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the server to run out of memory and crash by issuing an unusually large HTTP request. | |||||
| CVE-2024-28053 | 1 Mattermost | 1 Mattermost Server | 2024-12-13 | N/A | 3.1 LOW |
| Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 fails to limit the size of the payload that can be read and parsed allowing an attacker to send a very large email payload and crash the server. | |||||
| CVE-2024-2446 | 1 Mattermost | 1 Mattermost Server | 2024-12-13 | N/A | 4.3 MEDIUM |
| Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to limit the number of @-mentions processed per message, allowing an authenticated attacker to crash the client applications of other users via large, crafted messages. | |||||
| CVE-2024-6826 | 1 Gitlab | 1 Gitlab | 2024-12-13 | N/A | 6.5 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. A denial of service could occur via importing a malicious crafted XML manifest file. | |||||
| CVE-2024-4539 | 1 Gitlab | 1 Gitlab | 2024-12-13 | N/A | 4.3 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2 where abusing the API to filter branch and tags could lead to Denial of Service. | |||||
| CVE-2024-28949 | 1 Mattermost | 1 Mattermost Server | 2024-12-12 | N/A | 4.3 MEDIUM |
| Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of service. | |||||