Total
1497 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-36462 | 1 Zabbix | 1 Zabbix | 2024-12-10 | 7.5 High |
| Uncontrolled resource consumption refers to a software vulnerability where a attacker or system uses excessive resources, such as CPU, memory, or network bandwidth, without proper limitations or controls. This can cause a denial-of-service (DoS) attack or degrade the performance of the affected system. | ||||
| CVE-2020-28400 | 2 Seimens, Siemens | 188 Scalance M812-1 Adsl-router Annex A, Scalance M812-1 Adsl-router Annex B, Development Evaluation Kits For Profinet Io Dk Standard Ethernet Controller and 185 more | 2024-12-10 | 7.5 High |
| Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. | ||||
| CVE-2022-1337 | 1 Mattermost | 1 Mattermost Server | 2024-12-06 | 4.3 Medium |
| The image proxy component in Mattermost version 6.4.1 and earlier allocates memory for multiple copies of a proxied image, which allows an authenticated attacker to crash the server via links to very large image files. | ||||
| CVE-2022-1333 | 1 Mattermost | 1 Playbooks | 2024-12-06 | 3.5 Low |
| Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number of webhooks, which allows authenticated and authorized users to create a specifically drafted Playbook which could trigger a large amount of webhook requests leading to Denial of Service. | ||||
| CVE-2022-2406 | 1 Mattermost | 1 Mattermost | 2024-12-06 | 4.3 Medium |
| The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API. | ||||
| CVE-2022-3147 | 1 Mattermost | 1 Mattermost Server | 2024-12-06 | 3.1 Low |
| Mattermost version 7.0.x and earlier fails to sufficiently limit the in-memory sizes of concurrently uploaded JPEG images, which allows authenticated users to cause resource exhaustion on specific system configurations, resulting in server-side Denial of Service. | ||||
| CVE-2022-4019 | 1 Mattermost | 1 Mattermost | 2024-12-06 | 4.3 Medium |
| A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user to crash the server via multiple large requests to one of the Playbooks API endpoints. | ||||
| CVE-2022-4044 | 1 Mattermost | 1 Mattermost | 2024-12-06 | 4.3 Medium |
| A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages. | ||||
| CVE-2022-4045 | 1 Mattermost | 1 Mattermost | 2024-12-06 | 3.1 Low |
| A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data. | ||||
| CVE-2023-36371 | 1 Monetdb | 1 Monetdb | 2024-12-06 | 7.5 High |
| An issue in the GDKfree component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2023-36370 | 1 Monetdb | 1 Monetdb | 2024-12-06 | 7.5 High |
| An issue in the gc_col component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2023-36369 | 1 Monetdb | 1 Monetdb | 2024-12-06 | 7.5 High |
| An issue in the list_append component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-34055 | 2 Cyrusimap, Redhat | 2 Cyrus Imap, Enterprise Linux | 2024-12-06 | 6.5 Medium |
| Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command. | ||||
| CVE-2024-48843 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2024-12-05 | 7.7 High |
| Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | ||||
| CVE-2024-48844 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2024-12-05 | 7.7 High |
| Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | ||||
| CVE-2023-32385 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-12-05 | 5.5 Medium |
| A denial-of-service issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. Opening a PDF file may lead to unexpected app termination. | ||||
| CVE-2024-53857 | 1 Rpgp | 1 Rpgp | 2024-12-05 | 7.5 High |
| rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys. | ||||
| CVE-2023-21176 | 1 Google | 1 Android | 2024-12-05 | 4.4 Medium |
| In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222287335 | ||||
| CVE-2023-49559 | 2024-12-03 | 3.7 Low | ||
| An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives function. | ||||
| CVE-2018-0137 | 1 Cisco | 1 Prime Network | 2024-12-02 | N/A |
| A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate limiting protection for TCP listening ports. An attacker could exploit this vulnerability by sending the affected device a high rate of TCP SYN packets to the local IP address of the targeted application. A successful exploit could allow the attacker to cause the device to consume a high amount of memory and become slow, or to stop accepting new TCP connections to the application. Cisco Bug IDs: CSCvg48152. | ||||