Total
2576 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-4210 | 1 Gitlab | 1 Gitlab | 2024-08-23 | N/A | 6.5 MEDIUM |
| A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 12.6 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause a denial of service using crafted adoc files. | |||||
| CVE-2024-43105 | 2024-08-23 | N/A | 4.3 MEDIUM | ||
| Mattermost Plugin Channel Export versions <=1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once. | |||||
| CVE-2024-39810 | 1 Mattermost | 1 Mattermost | 2024-08-23 | N/A | 4.9 MEDIUM |
| Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the connection, cause the application to crash. | |||||
| CVE-2024-45163 | 2024-08-22 | N/A | 9.1 CRITICAL | ||
| The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Unauthenticated sessions remain open, causing resource consumption. For example, an attacker can send a recognized username (such as root), or can send arbitrary data. | |||||
| CVE-2024-42950 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-21 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-43380 | 1 Floraison | 1 Fugit | 2024-08-21 | N/A | 5.3 MEDIUM |
| fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1. | |||||
| CVE-2024-41727 | 1 F5 | 23 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 20 more | 2024-08-20 | N/A | 7.5 HIGH |
| In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2024-38168 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2024-08-16 | N/A | 7.5 HIGH |
| .NET and Visual Studio Denial of Service Vulnerability | |||||
| CVE-2024-42981 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-42980 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-42969 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-42951 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the mit_pptpusrpw parameter in the fromWizardHandle function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-42943 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2024-08-16 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-7567 | 2024-08-14 | N/A | N/A | ||
| A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation Micro850/870 (2080 -L50E/2080 -L70E). If exploited, the CIP/Modbus communication may be disrupted for short duration. | |||||
| CVE-2022-4003 | 1 Motorola | 2 Q14, Q14 Firmware | 2024-08-13 | N/A | 2.7 LOW |
| A denial-of-service vulnerability could allow an authenticated user to trigger an internal service restart via a specially crafted API request. | |||||
| CVE-2024-30170 | 1 Ssh | 1 Privx | 2024-08-12 | N/A | 9.1 CRITICAL |
| PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later, | |||||