Total
2601 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23296 | 1 Korenix | 29 Jetwave 2111, Jetwave 2111 Firmware, Jetwave 2111l and 26 more | 2025-03-17 | N/A | 6.5 MEDIUM |
| Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault. | |||||
| CVE-2024-23712 | 1 Google | 1 Android | 2025-03-17 | N/A | 5.5 MEDIUM |
| In multiple functions of AppOpsService.java, there is a possible way to saturate the content of /data/system/appops_accesses.xml due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-23009 | 2 Debian, Libreswan | 2 Debian Linux, Libreswan | 2025-03-17 | N/A | 6.5 MEDIUM |
| Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length. | |||||
| CVE-2023-52602 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-03-14 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds Read in dtSearch Currently while searching for current page in the sorted entry table of the page there is a out of bound access. Added a bound check to fix the error. Dave: Set return code to -EIO | |||||
| CVE-2024-24424 | 2025-03-14 | N/A | 7.5 HIGH | ||
| A reachable assertion in the decode_access_point_name_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. | |||||
| CVE-2024-44227 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-14 | N/A | 7.5 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2024-54546 | 1 Apple | 1 Macos | 2025-03-14 | N/A | 7.5 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2024-57074 | 2025-03-13 | N/A | 7.5 HIGH | ||
| A prototype pollution in the lib.merge function of xe-utils v3.5.31 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. | |||||
| CVE-2024-57085 | 2025-03-13 | N/A | 7.5 HIGH | ||
| A prototype pollution in the function deepMerge of @stryker-mutator/util v8.6.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. | |||||
| CVE-2024-21204 | 1 Oracle | 1 Mysql | 2025-03-13 | N/A | 4.9 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.4.0 and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2022-32505 | 2025-03-13 | N/A | 7.1 HIGH | ||
| An issue was discovered on certain Nuki Home Solutions devices. It is possible to send multiple BLE malformed packets to block some of the functionality and reboot the device. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4. | |||||
| CVE-2024-57075 | 2025-03-13 | N/A | 7.5 HIGH | ||
| A prototype pollution in the lib.Logger function of eazy-logger v4.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. | |||||
| CVE-2024-56940 | 1 Learndash | 1 Learndash | 2025-03-13 | N/A | 7.5 HIGH |
| An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service (DoS) via excessive file uploads. | |||||
| CVE-2024-42399 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2025-03-13 | N/A | 5.3 MEDIUM |
| Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. | |||||
| CVE-2024-21207 | 1 Oracle | 1 Mysql | 2025-03-13 | N/A | 4.9 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38 and prior, 8.4.1 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2023-39477 | 1 Inductiveautomation | 1 Ignition | 2025-03-12 | N/A | 7.5 HIGH |
| Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20499. | |||||
| CVE-2023-26104 | 1 Lite-web-server Project | 1 Lite-web-server | 2025-03-11 | N/A | 7.5 HIGH |
| All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse. | |||||
| CVE-2021-36395 | 1 Moodle | 1 Moodle | 2025-03-07 | N/A | 7.5 HIGH |
| In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service. | |||||
| CVE-2022-38734 | 1 Netapp | 1 Storagegrid | 2025-03-07 | N/A | 7.5 HIGH |
| StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service. | |||||
| CVE-2022-3277 | 2 Openstack, Redhat | 2 Neutron, Openstack Platform | 2025-03-07 | N/A | 6.5 MEDIUM |
| An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service. | |||||