Total
1167 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-43768 | 1 Couchbase | 1 Couchbase Server | 2025-04-23 | N/A | 7.5 HIGH |
An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands. | |||||
CVE-2023-45873 | 1 Couchbase | 1 Couchbase Server | 2025-04-23 | N/A | 6.5 MEDIUM |
An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of service (application exist) because of the OOM killer. | |||||
CVE-2025-32959 | 2025-04-23 | N/A | 6.5 MEDIUM | ||
CUBA Platform is a high level framework for enterprise applications development. Prior to version 7.2.23, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files, potentially causing the server to run out of space and return HTTP 500 error, resulting in a denial of service. This issue has been patched in version 7.2.23. A workaround is provided on the Jmix documentation website. | |||||
CVE-2022-20485 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.8 HIGH |
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242702935 | |||||
CVE-2022-20484 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.8 HIGH |
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242702851 | |||||
CVE-2022-20480 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.8 HIGH |
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764350 | |||||
CVE-2023-51297 | 1 Phpjabbers | 1 Hotel Booking System | 2025-04-22 | N/A | 6.5 MEDIUM |
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. | |||||
CVE-2022-20479 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.8 HIGH |
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764340 | |||||
CVE-2022-20478 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.8 HIGH |
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764135 | |||||
CVE-2022-20487 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.8 HIGH |
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703202 | |||||
CVE-2022-20486 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.8 HIGH |
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703118 | |||||
CVE-2017-5835 | 1 Libimobiledevice | 1 Libplist | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero. | |||||
CVE-2017-9039 | 1 Gnu | 1 Binutils | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c. | |||||
CVE-2017-1227 | 1 Ibm | 1 Bigfix Platform | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash the system. IBM X-Force ID: 123906. | |||||
CVE-2017-5850 | 1 Openbsd | 1 Openbsd | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | |||||
CVE-2017-12432 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service. | |||||
CVE-2017-0771 | 1 Google | 1 Android | 2025-04-20 | 7.1 HIGH | 5.5 MEDIUM |
A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37624243. | |||||
CVE-2017-0725 | 1 Google | 1 Android | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37627194. | |||||
CVE-2017-12875 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file. | |||||
CVE-2017-6713 | 1 Cisco | 1 Elastic Services Controller | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between installations. An attacker who can extract the static credentials from an existing installation of Cisco ESC could generate an admin session token that allows access to all instances of the ESC web UI. This vulnerability affects Cisco Elastic Services Controller prior to releases 2.3.1.434 and 2.3.2. Cisco Bug IDs: CSCvc76627. |