Filtered by vendor
Subscriptions
Total
1086 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-47969 | 2024-12-11 | 6.2 Medium | ||
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service. | ||||
CVE-2024-47967 | 2024-12-11 | 4.4 Medium | ||
Improper resource initialization handling in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service. | ||||
CVE-2024-43567 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more | 2024-12-10 | 7.5 High |
Windows Hyper-V Denial of Service Vulnerability | ||||
CVE-2024-22164 | 1 Splunk | 1 Enterprise Security | 2024-12-10 | 4.3 Medium |
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible. | ||||
CVE-2024-36462 | 1 Zabbix | 1 Zabbix | 2024-12-10 | 7.5 High |
Uncontrolled resource consumption refers to a software vulnerability where a attacker or system uses excessive resources, such as CPU, memory, or network bandwidth, without proper limitations or controls. This can cause a denial-of-service (DoS) attack or degrade the performance of the affected system. | ||||
CVE-2020-28400 | 2 Seimens, Siemens | 188 Scalance M812-1 Adsl-router Annex A, Scalance M812-1 Adsl-router Annex B, Development Evaluation Kits For Profinet Io Dk Standard Ethernet Controller and 185 more | 2024-12-10 | 7.5 High |
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. | ||||
CVE-2022-1337 | 1 Mattermost | 1 Mattermost Server | 2024-12-07 | 4.3 Medium |
The image proxy component in Mattermost version 6.4.1 and earlier allocates memory for multiple copies of a proxied image, which allows an authenticated attacker to crash the server via links to very large image files. | ||||
CVE-2022-1333 | 1 Mattermost | 1 Playbooks | 2024-12-07 | 3.5 Low |
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number of webhooks, which allows authenticated and authorized users to create a specifically drafted Playbook which could trigger a large amount of webhook requests leading to Denial of Service. | ||||
CVE-2022-2406 | 1 Mattermost | 1 Mattermost | 2024-12-07 | 4.3 Medium |
The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API. | ||||
CVE-2022-3147 | 1 Mattermost | 1 Mattermost Server | 2024-12-07 | 3.1 Low |
Mattermost version 7.0.x and earlier fails to sufficiently limit the in-memory sizes of concurrently uploaded JPEG images, which allows authenticated users to cause resource exhaustion on specific system configurations, resulting in server-side Denial of Service. | ||||
CVE-2022-4019 | 1 Mattermost | 1 Mattermost | 2024-12-07 | 4.3 Medium |
A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user to crash the server via multiple large requests to one of the Playbooks API endpoints. | ||||
CVE-2022-4044 | 1 Mattermost | 1 Mattermost | 2024-12-07 | 4.3 Medium |
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages. | ||||
CVE-2022-4045 | 1 Mattermost | 1 Mattermost | 2024-12-07 | 3.1 Low |
A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data. | ||||
CVE-2023-47717 | 1 Ibm | 1 Security Guardium | 2024-12-07 | 4.4 Medium |
IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service. IBM X-Force ID: 271690. | ||||
CVE-2023-36371 | 1 Monetdb | 1 Monetdb | 2024-12-06 | 7.5 High |
An issue in the GDKfree component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
CVE-2023-36370 | 1 Monetdb | 1 Monetdb | 2024-12-06 | 7.5 High |
An issue in the gc_col component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
CVE-2024-12254 | 2 Python Software Foundation, Redhat | 3 Cpython, Enterprise Linux, Rhel Eus | 2024-12-06 | 7.5 High |
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected. | ||||
CVE-2023-36369 | 1 Monetdb | 1 Monetdb | 2024-12-06 | 7.5 High |
An issue in the list_append component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
CVE-2023-2828 | 5 Debian, Fedoraproject, Isc and 2 more | 19 Debian Linux, Fedora, Bind and 16 more | 2024-12-06 | 7.5 High |
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. | ||||
CVE-2024-53907 | 2 Djangoproject, Redhat | 2 Django, Ansible Automation Platform | 2024-12-06 | 7.5 High |
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities. |