ReportizFlow
Filtered by vendor
Subscriptions
Total
3665 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27088 | 1 Medikoo | 1 Es5-ext | 2025-02-05 | 0 Low |
| es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63. | ||||
| CVE-2023-30408 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | 5.5 Medium |
| Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry. | ||||
| CVE-2023-30406 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | 5.5 Medium |
| Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c. | ||||
| CVE-2022-24109 | 1 Opennetworking | 1 Onos | 2025-02-05 | 6.5 Medium |
| An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote attacker can install a duplicate intent with a different key, and then remove the duplicate one. This will remove the flow rules of the intent, even though the intent still exists in the controller. | ||||
| CVE-2022-24035 | 1 Opennetworking | 1 Onos | 2025-02-05 | 7.5 High |
| An issue was discovered in ONOS 2.5.1. The purge-requested intent remains on the list, but it does not respond to changes in topology (e.g., link failure). In combination with other applications, it could lead to a failure of network management. | ||||
| CVE-2024-0157 | 1 Dell | 2 Storage Monitoring And Reporting, Storage Resource Manager | 2025-02-04 | 5.9 Medium |
| Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM Windows Host Agent. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to the hijack of a targeted user's application session. | ||||
| CVE-2024-47554 | 1 Redhat | 1 Amq Streams | 2025-01-31 | 4.3 Medium |
| Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue. | ||||
| CVE-2023-31670 | 1 Webassembly | 1 Webassembly Binary Toolkit | 2025-01-31 | 7.5 High |
| An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service (DoS) via running a crafted binary. | ||||
| CVE-2023-31615 | 1 Openlinksw | 1 Virtuoso | 2025-01-31 | 7.5 High |
| An issue in the chash_array component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2023-31614 | 1 Openlinksw | 1 Virtuoso | 2025-01-31 | 7.5 High |
| An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. | ||||
| CVE-2022-40302 | 3 Debian, Frrouting, Redhat | 3 Debian Linux, Frrouting, Enterprise Linux | 2025-01-30 | 6.5 Medium |
| An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. | ||||
| CVE-2023-24594 | 1 F5 | 20 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 17 more | 2025-01-30 | 5.3 Medium |
| When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-10314 | 1 Perforce | 1 Helix Core | 2025-01-29 | N/A |
| In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol Więsek. | ||||
| CVE-2024-10344 | 1 Perforce | 1 Helix Core | 2025-01-29 | N/A |
| In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Więsek. | ||||
| CVE-2024-10345 | 1 Perforce | 1 Helix Core | 2025-01-29 | N/A |
| In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Więsek. | ||||
| CVE-2023-22874 | 1 Ibm | 1 Mq Appliance | 2025-01-29 | 5.5 Medium |
| IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216. | ||||
| CVE-2023-26595 | 1 Cybozu | 1 Garoon | 2025-01-28 | 5.5 Medium |
| Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition. | ||||
| CVE-2023-33297 | 1 Bitcoin | 1 Bitcoin Core | 2025-01-28 | 7.5 High |
| Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023. | ||||
| CVE-2022-4008 | 1 Octopus | 1 Octopus Server | 2025-01-28 | 5.5 Medium |
| In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service | ||||
| CVE-2022-46645 | 1 Intel | 1 Smart Campus | 2025-01-27 | 5 Medium |
| Uncontrolled resource consumption in the Intel(R) Smart Campus Android application before version 9.9 may allow an authenticated user to potentially enable denial of service via local access. | ||||