Total
1153 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-26964 | 1 Hyper | 2 H2, Hyper | 2025-02-11 | N/A | 7.5 HIGH |
| An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service (DoS). | |||||
| CVE-2025-25186 | 2025-02-10 | N/A | 6.5 MEDIUM | ||
| Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in `net-imap`'s response parser. At any time while the client is connected, a malicious server can send can send highly compressed `uid-set` data which is automatically read by the client's receiver thread. The response parser uses `Range#to_a` to convert the `uid-set` data into arrays of integers, with no limitation on the expanded size of the ranges. Versions 0.3.8, 0.4.19, 0.5.6, and higher fix this issue. Additional details for proper configuration of fixed versions and backward compatibility are available in the GitHub Security Advisory. | |||||
| CVE-2023-27653 | 1 Whoapp | 1 Who | 2025-02-10 | N/A | 7.5 HIGH |
| An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a denial of service via the SharedPreference files. | |||||
| CVE-2023-27643 | 1 Powerampapp | 1 Poweramp | 2025-02-10 | N/A | 7.5 HIGH |
| An issue found in POWERAMP 925-bundle-play and Poweramp 954-uni allows a remote attacker to cause a denial of service via the Rescan button in Queue and Select Folders button in Library | |||||
| CVE-2018-15472 | 1 Gitlab | 1 Gitlab | 2025-02-10 | N/A | 7.5 HIGH |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. The diff formatter using rouge can block for a long time in Sidekiq jobs without any timeout. | |||||
| CVE-2024-23837 | 2 Fedoraproject, Oisf | 2 Fedora, Libhtp | 2025-02-07 | N/A | 7.5 HIGH |
| LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46. | |||||
| CVE-2024-12705 | 2025-02-07 | N/A | 7.5 HIGH | ||
| Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1. | |||||
| CVE-2023-30636 | 1 Tikv | 1 Tikv | 2025-02-07 | N/A | 7.5 HIGH |
| TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error, with RpcStatus UNAVAILABLE for "not leader") upon an attempt to start a node in a situation where the context deadline is exceeded | |||||
| CVE-2023-29573 | 1 Axiosys | 1 Bento4 | 2025-02-07 | N/A | 5.5 MEDIUM |
| Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component. | |||||
| CVE-2025-1072 | 2025-02-07 | N/A | 6.5 MEDIUM | ||
| A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service could occur upon importing maliciously crafted content using the Fogbugz importer. | |||||
| CVE-2024-2878 | 2025-02-05 | N/A | 7.5 HIGH | ||
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible for an attacker to cause a denial of service by crafting unusual search terms for branch names. | |||||
| CVE-2025-24312 | 2025-02-05 | N/A | 7.5 HIGH | ||
| When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-24127 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-02-05 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. | |||||
| CVE-2023-30408 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | N/A | 5.5 MEDIUM |
| Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component build/bin/jerry. | |||||
| CVE-2023-30406 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | N/A | 5.5 MEDIUM |
| Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c. | |||||
| CVE-2025-24086 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-02-05 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing an image may lead to a denial-of-service. | |||||
| CVE-2023-6386 | 2025-02-05 | N/A | 6.5 MEDIUM | ||
| A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation. | |||||
| CVE-2025-24112 | 1 Apple | 1 Macos | 2025-02-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination. | |||||
| CVE-2024-54497 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-02-04 | N/A | 6.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial-of-service. | |||||
| CVE-2023-29575 | 1 Axiosys | 1 Bento4 | 2025-02-04 | N/A | 5.5 MEDIUM |
| Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component. | |||||