ReportizFlow
Filtered by vendor
Subscriptions
Total
560 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2953 | 1 Linuxfoundation | 1 Pytorch | 2025-04-22 | 3.3 Low |
| A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnn_max_pool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The security policy of the project warns to use unknown models which might establish malicious effects. | ||||
| CVE-2012-2805 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service. | ||||
| CVE-2017-8071 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via unspecified vectors. | ||||
| CVE-2017-5650 | 1 Apache | 1 Tomcat | 2025-04-20 | N/A |
| In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. These waiting streams each consumed a thread. A malicious client could therefore construct a series of HTTP/2 requests that would consume all available processing threads. | ||||
| CVE-2017-1000369 | 2 Debian, Exim | 2 Debian Linux, Exim | 2025-04-20 | 4.0 Medium |
| Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time. | ||||
| CVE-2017-8925 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-20 | N/A |
| The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling. | ||||
| CVE-2016-8212 | 1 Dell | 1 Bsafe Crypto-j | 2025-04-20 | 7.5 High |
| An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. There is an Improper OCSP Validation Vulnerability. OCSP responses have two time values: thisUpdate and nextUpdate. These specify a validity period; however, both values are optional. Crypto-J treats the lack of a nextUpdate as indicating that the OCSP response is valid indefinitely instead of restricting its validity for a brief period surrounding the thisUpdate time. This vulnerability is similar to the issue described in CVE-2015-4748. | ||||
| CVE-2017-11480 | 1 Elasticsearch | 1 Packetbeat | 2025-04-20 | N/A |
| Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic. | ||||
| CVE-2017-0769 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37662122. | ||||
| CVE-2017-1145 | 1 Ibm | 1 Websphere Mq | 2025-04-20 | N/A |
| IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672. | ||||
| CVE-2017-0733 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A denial of service vulnerability in the Android media framework (libmediaplayerservice). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38391487. | ||||
| CVE-2017-9059 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak. | ||||
| CVE-2017-7472 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-20 | N/A |
| The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls. | ||||
| CVE-2016-10363 | 1 Elastic | 1 Logstash | 2025-04-20 | N/A |
| Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit. | ||||
| CVE-2017-11016 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when memory allocation fails while creating a calibration block in create_cal_block stale pointers are left uncleared. | ||||
| CVE-2024-57654 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the qst_vec_get_int64 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57659 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sqlg_parallel_ts_seq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57661 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sqlo_df component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2022-46314 | 1 Huawei | 1 Harmonyos | 2025-04-17 | 7.5 High |
| The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | ||||
| CVE-2025-3016 | 1 Assimp | 1 Assimp | 2025-04-17 | 4.3 Medium |
| A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulation of the argument mWidth/mHeight leads to resource consumption. The attack can be initiated remotely. Upgrading to version 6.0 is able to address this issue. The name of the patch is 5d2a7482312db2e866439a8c05a07ce1e718bed1. It is recommended to apply a patch to fix this issue. | ||||