Total
2334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32636 | 1 Gnome | 1 Glib | 2024-11-21 | N/A | 4.7 MEDIUM |
| A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499. | |||||
| CVE-2023-32611 | 1 Gnome | 1 Glib | 2024-11-21 | N/A | 5.5 MEDIUM |
| A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service. | |||||
| CVE-2023-32341 | 1 Ibm | 1 Sterling B2b Integrator | 2024-11-21 | N/A | 6.5 MEDIUM |
| IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 255827. | |||||
| CVE-2023-32229 | 1 Bosch | 17 Autodome 7000i, Autodome 7100 Ir, Autodome Inteox 7000i and 14 more | 2024-11-21 | N/A | 4.9 MEDIUM |
| Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256. | |||||
| CVE-2023-32067 | 3 C-ares Project, Debian, Fedoraproject | 3 C-ares, Debian Linux, Fedora | 2024-11-21 | N/A | 7.5 HIGH |
| c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1. | |||||
| CVE-2023-32013 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2023-31889 | 2024-11-21 | N/A | 5.5 MEDIUM | ||
| An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4.380.8591 allows local attackers to cause a denial of service via crafted GET request. | |||||
| CVE-2023-31418 | 1 Elastic | 2 Elastic Cloud Enterprise, Elasticsearch | 2024-11-21 | N/A | 7.5 HIGH |
| An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild. | |||||
| CVE-2023-31409 | 1 Sick | 14 Ftmg-esd15axx, Ftmg-esd15axx Firmware, Ftmg-esd20axx and 11 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an remote attacker to influence the availability of the webserver by invocing a Slowloris style attack via HTTP requests. | |||||
| CVE-2023-31006 | 1 Ibm | 2 Security Verify Access, Security Verify Access Docker | 2024-11-21 | N/A | 6.5 MEDIUM |
| IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to a denial of service attacks on the DSC server. IBM X-Force ID: 254776. | |||||
| CVE-2023-30999 | 1 Ibm | 2 Security Verify Access, Security Verify Access Docker | 2024-11-21 | N/A | 7.5 HIGH |
| IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 254651. | |||||
| CVE-2023-30798 | 1 Encode | 1 Starlette | 2024-11-21 | N/A | 7.5 HIGH |
| There MultipartParser usage in Encode's Starlette python framework before versions 0.25.0 allows an unauthenticated and remote attacker to specify any number of form fields or files which can cause excessive memory usage resulting in denial of service of the HTTP service. | |||||
| CVE-2023-30769 | 1 Dogecoin | 1 Dogecoin | 2024-11-21 | N/A | 9.1 CRITICAL |
| Vulnerability discovered is related to the peer-to-peer (p2p) communications, attackers can craft consensus messages, send it to individual nodes and take them offline. An attacker can crawl the network peers using getaddr message and attack the unpatched nodes. | |||||
| CVE-2023-30311 | 2024-11-21 | N/A | 7.5 HIGH | ||
| An issue discovered in H3C Magic R365 and H3C Magic R100 routers allows attackers to hijack TCP sessions which could lead to a denial of service. | |||||
| CVE-2023-2990 | 1 Globalscape | 1 Eft Server | 2024-11-21 | N/A | 7.5 HIGH |
| Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service | |||||
| CVE-2023-2831 | 1 Mattermost | 1 Mattermost | 2024-11-21 | N/A | 4.3 MEDIUM |
| Mattermost fails to unescape Markdown strings in a memory-efficient way, allowing an attacker to cause a Denial of Service by sending a message containing a large number of escaped characters. | |||||
| CVE-2023-2798 | 1 Htmlunit | 1 Htmlunit | 2024-11-21 | N/A | 7.5 HIGH |
| Those using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of service attacks (DoS). If HtmlUnit is running on user supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack overflow. This effect may support a denial of service attack.This issue affects htmlunit before 2.70.0. | |||||
| CVE-2023-2793 | 1 Mattermost | 1 Mattermost | 2024-11-21 | N/A | 6.5 MEDIUM |
| Mattermost fails to validate links on external websites when constructing a preview for a linked website, allowing an attacker to cause a denial-of-service by a linking to a specially crafted webpage in a message. | |||||
| CVE-2023-2785 | 1 Mattermost | 1 Mattermost | 2024-11-21 | N/A | 4.3 MEDIUM |
| Mattermost fails to properly truncate the postgres error log message of a search query failure allowing an attacker to cause the creation of large log files which can result in Denial of Service | |||||
| CVE-2023-2778 | 1 Rockwellautomation | 1 Factorytalk Transaction Manager | 2024-11-21 | N/A | 7.5 HIGH |
| A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS. | |||||