Total
1846 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27321 | 2024-06-04 | N/A | ||
| OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20505. | ||||
| CVE-2023-33141 | 1 Microsoft | 1 Yet Another Reverse Proxy | 2024-06-04 | 7.5 High |
| Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability | ||||
| CVE-2023-45028 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-06-04 | 4.9 Medium |
| An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-25769 | 2024-06-04 | 5.5 Medium | ||
| Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-3637 | 1 Redhat | 1 Openstack Platform | 2024-06-04 | 6.5 Medium |
| An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service. | ||||
| CVE-2023-7258 | 2024-06-04 | 4.8 Medium | ||
| A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. We recommend upgrading past commit 6a112c60a257dadac59962e0bc9e9b5aee70b5b6 | ||||
| CVE-2023-6502 | 2024-06-04 | 4.3 Medium | ||
| A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1. It is possible for an attacker to cause a denial of service using a crafted wiki page. | ||||
| CVE-2023-6682 | 2024-06-04 | 6.5 Medium | ||
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. A problem with the processing logic for Discord Integrations Chat Messages can lead to a regular expression DoS attack on the server. | ||||
| CVE-2022-43880 | 2024-06-04 | 4.4 Medium | ||
| IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial of service. IBM X-Force ID: 240151. | ||||
| CVE-2020-12667 | 1 Nic | 1 Knot Resolver | 2024-06-04 | 7.5 High |
| Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. | ||||
| CVE-2019-14232 | 2 Djangoproject, Opensuse | 2 Django, Leap | 2024-06-04 | N/A |
| An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. | ||||
| CVE-2023-6681 | 2024-05-29 | 5.3 Medium | ||
| A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack. | ||||
| CVE-2023-24862 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-05-29 | 5.5 Medium |
| Windows Secure Channel Denial of Service Vulnerability | ||||
| CVE-2023-23396 | 1 Microsoft | 2 Office Online Server, Office Web Apps Server | 2024-05-29 | 6.5 Medium |
| Microsoft Excel Denial of Service Vulnerability | ||||
| CVE-2023-23411 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-05-29 | 6.5 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2023-35339 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2024-05-29 | 7.5 High |
| Windows CryptoAPI Denial of Service Vulnerability | ||||
| CVE-2023-35298 | 1 Microsoft | 3 Windows 11 21h2, Windows 11 22h2, Windows Server 2022 | 2024-05-29 | 7.5 High |
| HTTP.sys Denial of Service Vulnerability | ||||
| CVE-2023-21728 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-05-29 | 7.5 High |
| Windows Netlogon Denial of Service Vulnerability | ||||
| CVE-2023-21557 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-05-29 | 7.5 High |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | ||||
| CVE-2023-21547 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2024-05-29 | 7.5 High |
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | ||||