About “Denial of Service (DoS)”

A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39653 CVEs for this tag (all time). In the last 365 days, 3222 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long-term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic.

2024-10-11
High

CVE-2024-47497

An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based…

Medium

CVE-2024-47496

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specifi…

Medium

CVE-2024-47494

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the AgentD process of Juniper Networks Junos OS allows an attacker who is already causing impact to established sessions which gen…

Medium

CVE-2024-47493

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an una…

Medium

CVE-2024-47491

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to…

High

CVE-2024-47490

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenti…

Medium

CVE-2024-47489

An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network ba…

High

CVE-2024-39547

An Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks Junos OS and Junos OS Evolved within cRPD allows an unauthenticated network-based attacker sending c…

Medium

CVE-2024-39526

An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series with MPC10/MPC11/LC9600 line cards, EX9200 with EX9200-15C line cards, MX3…

Medium

CVE-2024-6657

A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and disconnect to the peripheral. A hard reset is required to reco…

Medium

CVE-2024-45315

The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges t…

2024-10-10
Medium

CVE-2024-9787

A vulnerability, which was classified as problematic, was found in Contemporary Control System BASrouter BACnet BASRT-B 2.7.2. This affects an unknown part of the component UDP Packet Handler. The ma…

High

CVE-2024-35202

Bitcoin Core before 25.0 allows remote attackers to cause a denial of service (blocktxn message-handling assertion and node exit) by including transactions in a blocktxn message that are not committe…

High

CVE-2024-9781

AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file

High

CVE-2024-9780

ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file

2024-10-09
High

CVE-2024-39525

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker se…

High

CVE-2024-39516

An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically…

High

CVE-2024-39515

An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacke…

High

CVE-2024-9468

A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of ser…

High

CVE-2024-46304

A NULL pointer dereference in libcoap v4.3.5-rc2 and below allows a remote attacker to cause a denial of service via the coap_handle_request_put_block function in src/coap_block.c.

High

CVE-2024-46292

A buffer overflow in modsecurity v3.0.12 allows attackers to cause a Denial of Service (DoS) via a crafted input inserted into the name parameter. NOTE: this is disputed by the Supplier because it ca…

High

CVE-2024-7294

In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible on anonymous endpoints without rate limiting.

Medium

CVE-2024-39440

In DRM service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with System execution privileges needed.

Medium

CVE-2024-39439

In DRM service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

Medium

CVE-2023-45872

An issue was discovered in Qt before 6.2.11 and 6.3.x through 6.6.x before 6.6.1. When a QML image refers to an image whose content is not known yet, there is an assumption that it is an SVG document…

Medium

CVE-2024-42934

OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator, resulting in denial of service or (with very low probability) authentication bypass or co…

Critical

CVE-2024-32608

HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.

2024-10-08
High

CVE-2024-46539

Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers to cause a Denial of Service (DoS).

Medium

CVE-2024-43603

Visual Studio Collector Service Denial of Service Vulnerability

High

CVE-2024-43575

Windows Hyper-V Denial of Service Vulnerability

High

CVE-2024-43567

Windows Hyper-V Denial of Service Vulnerability

High

CVE-2024-43565

Windows Network Address Translation (NAT) Denial of Service Vulnerability

High

CVE-2024-43562

Windows Network Address Translation (NAT) Denial of Service Vulnerability

Medium

CVE-2024-43561

Windows Mobile Broadband Driver Denial of Service Vulnerability

Medium

CVE-2024-43559

Windows Mobile Broadband Driver Denial of Service Vulnerability

Medium

CVE-2024-43558

Windows Mobile Broadband Driver Denial of Service Vulnerability

Medium

CVE-2024-43557

Windows Mobile Broadband Driver Denial of Service Vulnerability

Medium

CVE-2024-43555

Windows Mobile Broadband Driver Denial of Service Vulnerability

High

CVE-2024-43545

Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

High

CVE-2024-43544

Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability

Medium

CVE-2024-43542

Windows Mobile Broadband Driver Denial of Service Vulnerability

High

CVE-2024-43541

Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability

Medium

CVE-2024-43540

Windows Mobile Broadband Driver Denial of Service Vulnerability

Medium

CVE-2024-43538

Windows Mobile Broadband Driver Denial of Service Vulnerability

Medium

CVE-2024-43537

Windows Mobile Broadband Driver Denial of Service Vulnerability

High

CVE-2024-43521

Windows Hyper-V Denial of Service Vulnerability

Medium

CVE-2024-43520

Windows Kernel Denial of Service Vulnerability

High

CVE-2024-43515

Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability

Medium

CVE-2024-43512

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

High

CVE-2024-43506

BranchCache Denial of Service Vulnerability

High

CVE-2024-43485

.NET and Visual Studio Denial of Service Vulnerability

High

CVE-2024-43484

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

High

CVE-2024-43483

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

High

CVE-2024-38149

BranchCache Denial of Service Vulnerability

High

CVE-2024-25885

An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDOS) via supplying a crafted string.

High

CVE-2024-47007

A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service.

High

CVE-2024-8422

CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2…

Low

CVE-2024-45476

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All vers…

Low

CVE-2024-45382

OpenHarmony v4.1.0 and prior versions allow a local attacker to cause DoS through an out-of-bounds write.

Low

CVE-2024-43697

OpenHarmony v4.1.0 and prior versions allow a local attacker to cause DoS through improper input.

Low

CVE-2024-43696

OpenHarmony v4.1.0 and prior versions allow a local attacker to cause DoS by a memory leak.

2024-10-07
Medium

CVE-2024-47969

Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.

Medium

CVE-2024-47968

Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service.

Medium

CVE-2024-47974

Race condition during resource shutdown in some Solidigm DC Products may allow an attacker to potentially enable denial of service.

Medium

CVE-2024-47967

Improper resource initialization handling in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.

Medium

CVE-2024-47971

Improper error handling in firmware of some SSD DC Products may allow an attacker to enable denial of service.

Medium

CVE-2024-31227

Redis is an open source, in-memory database that persists on disk. An authenticated user with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and su…

High

CVE-2024-47975

Improper access control validation in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access or an attacker with local access to potentially enab…

High

CVE-2024-38397

Transient DOS while parsing probe response and assoc response frame.

High

CVE-2024-33071

Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0.

High

CVE-2024-33070

Transient DOS while parsing ESP IE from beacon/probe response frame.

High

CVE-2024-33069

Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host.

High

CVE-2024-33049

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.

High

CVE-2024-20094

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed fo…

2024-10-03
High

CVE-2024-41595

DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations.

Medium

CVE-2024-8508

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams response…

Medium

CVE-2024-45871

Bandisoft BandiView 7.05 has Incorrect Access Control via sub_0x232bd8, resulting in denial of service (DoS).

Low

CVE-2024-0125

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A s…

Low

CVE-2024-0124

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A succ…

Low

CVE-2024-0123

NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into runnin…

High

CVE-2024-25590

An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.

High

CVE-2024-47136

Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project fi…

High

CVE-2024-47135

Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted p…

High

CVE-2024-47134

Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project f…

2024-10-02
Medium

CVE-2024-20513

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for…

Medium

CVE-2024-20509

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN…

Medium

CVE-2024-20502

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on…

High

CVE-2024-20501

Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS cond…

Medium

CVE-2024-20500

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in…

High

CVE-2024-20499

Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS cond…

High

CVE-2024-20498

Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS cond…

Medium

CVE-2024-20524

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an un…

Medium

CVE-2024-20523

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an un…

Medium

CVE-2024-20522

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an un…

Medium

CVE-2024-20517

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an un…

Medium

CVE-2024-20516

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an un…

Medium

CVE-2024-20444

A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to pe…

Medium

CVE-2024-9423

Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, po…

High

CVE-2024-8038

Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This en…

Critical

CVE-2024-35293

An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS.

2024-10-01
Medium

CVE-2024-47609

Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting…

High

CVE-2024-9399

A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox E…

Medium

CVE-2024-0116

NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnera…

2024-09-27
Medium

CVE-2024-38809

Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of…

Medium

CVE-2024-46837

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on group_create We were allowing any users to create a high priority group without any perm…

Medium

CVE-2024-39434

In drm service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

Medium

CVE-2024-39433

In drm service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

High

CVE-2024-39432

In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.

High

CVE-2024-39431

In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.

High

CVE-2024-9029

A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the read_iptc_profile function in the Source/Metadata/IPTC.cpp file because the size of…

Medium

CVE-2024-7011

Sharp NEC Projectors (NP-CB4500UL, NP-CB4500WL, NP-CB4700UL, NP-P525UL, NP-P525UL+, NP-P525ULG, NP-P525ULJL, NP-P525WL, NP-P525WL+, NP-P525WLG, NP-P525WLJL, NP-CG6500UL, NP-CG6500WL, NP-CG6700UL, NP-…

2024-09-26
High

CVE-2024-37125

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit th…

Medium

CVE-2024-9199

Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of servi…

Critical

CVE-2024-0132

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain acces…

Medium

CVE-2024-8405

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incor…

2024-09-25
Medium

CVE-2024-46488

sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.

Medium

CVE-2024-20508

A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured sec…

Medium

CVE-2024-20496

A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system.…

High

CVE-2024-20480

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utiliz…

High

CVE-2024-20467

A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition o…