Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21359 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 5.0 MEDIUM | 5.9 MEDIUM |
| TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.25, 10.4.14, 11.1.1 requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. This is fixed in versions 9.5.25, 10.4.14, 11.1.1. | |||||
| CVE-2019-11479 | 4 Canonical, F5, Linux and 1 more | 21 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 18 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363. | |||||
| CVE-2018-15492 | 1 Gemalto | 1 Sentinel License Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification. | |||||
| CVE-2024-45590 | 1 Openjsf | 1 Body-parser | 2024-09-20 | N/A | 7.5 HIGH |
| body-parser is Node.js body parsing middleware. body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue is patched in 1.20.3. | |||||
| CVE-2024-40705 | 1 Ibm | 1 Infosphere Information Server | 2024-08-15 | N/A | 6.5 MEDIUM |
| IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279. | |||||