Medium
CVE-2023-42750
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Tag: Denial of Service (DoS)
All CVEs associated with "Denial of Service (DoS)". Page 58/331 • 39664 CVEs.
Subscribe CVEs: RSS for “Denial of Service (DoS)” · RSS (High+Critical only)
About “Denial of Service (DoS)”
A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39664 CVEs for this tag (all time). In the last 365 days, 3231 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2023-11-01
Medium
CVE-2023-42653
In faceid service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges
Medium
CVE-2022-48461
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Medium
CVE-2022-48460
In setting service, there is a possible undefined behavior due to incorrect error handling. This could lead to local denial of service with no additional execution privileges needed
Medium
CVE-2022-48459
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
Medium
CVE-2022-48458
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
Medium
CVE-2022-48457
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
Medium
CVE-2022-48456
In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed
Medium
CVE-2022-48455
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
Medium
CVE-2022-48454
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
2023-10-31
Medium
CVE-2023-39610
An issue in TP-Link Tapo C100 v1.1.15 Build 211130 Rel.15378n(4555) and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted web request.
High
CVE-2023-45955
An issue discovered in Nanoleaf Light strip v3.5.10 allows attackers to cause a denial of service via crafted write binding attribute commands.
High
CVE-2023-5098
The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges (like subscribers) from overwriting any options on a site with the string "true", whic…
Medium
CVE-2023-31794
MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
2023-10-30
High
CVE-2023-45670
Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, the `config/save` and `config/set` endpoints of Frigate do not implement any CSRF protection. This makes it possible…
High
CVE-2023-45956
An issue discovered in Govee LED Strip v3.00.42 allows attackers to cause a denial of service via crafted Move and MoveWithOnoff commands.
Medium
CVE-2023-5349
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
High
CVE-2023-21391
In Messaging, there is a possible way to disable the messaging application due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed…
Medium
CVE-2023-21369
In Usage Access, there is a possible way to display a Settings usage access restriction toggle screen due to a permissions bypass. This could lead to local denial of service with no additional execut…
Medium
CVE-2023-21365
In Contacts, there is a possible crash loop due to resource exhaustion. This could lead to local denial of service in the Phone app with User execution privileges needed. User interaction is not need…
Medium
CVE-2023-21364
In ContactsProvider, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution privileges needed. User inte…
Medium
CVE-2023-21362
In Usage, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for e…
High
CVE-2023-21339
In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges neede…
2023-10-29
Medium
CVE-2021-33634
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS.
2023-10-27
Medium
CVE-2022-3702
A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3.0.5 and earlier that could allow a local attacker to delete contents of an arbitrary directory under c…
High
CVE-2023-4967
Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server
Medium
CVE-2022-3429
A denial-of-service vulnerability was found in the firmware used in Lenovo printers, where users send illegal or malformed strings to an open port, triggering a denial of service that causes a displa…
2023-10-26
Medium
CVE-2023-31419
A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.
2023-10-25
High
CVE-2023-5574
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Za…
High
CVE-2023-5367
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty fu…
Medium
CVE-2023-5568
A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.
High
CVE-2023-46136
Werkzeug is a comprehensive WSGI web application library. In versions on the 3.x branch prior to 3.0.1 and on the 2.x branch prior to 2.3.8, if an upload of a file that starts with CR or LF and then…
Medium
CVE-2023-46120
The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could s…
Medium
CVE-2023-46118
RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service (DoS) attacks with very large messages. An…
Medium
CVE-2023-43281
Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.
Medium
CVE-2023-42031
IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user to cause a denial of service due to uncontrolled resource consumption…
High
CVE-2023-39619
ReDos in NPMJS Node Email Check v.1.0.4 allows an attacker to cause a denial of service via a crafted string to the scpSyntax component.
High
CVE-2023-26573
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials.
Medium
CVE-2022-3698
A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and Lenovo Diagnostics versions prior to 4.45 that could allow a local user with admi…
Medium
CVE-2022-0353
A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and Lenovo Diagnostics versions prior to 4.45 that could allow a local user with admi…
2023-10-23
High
CVE-2023-42295
An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_rle_image function of file bifs/unquantize.c
2023-10-22
High
CVE-2023-46298
Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via…
2023-10-21
Medium
CVE-2023-45680
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in `start_decoder`. In that case the function returns early, the…
2023-10-19
High
CVE-2023-43251
XNSoft Nconvert 7.136 has an Exception Handler Chain Corrupted via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
Critical
CVE-2023-5241
The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscribe…
2023-10-18
High
CVE-2023-45812
The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service (DoS…
Medium
CVE-2023-45813
Torbot is an open source tor network intelligence tool. In affected versions the `torbot.modules.validators.validate_link function` uses the python-validators URL validation regex. This particular re…
Medium
CVE-2023-30911
HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service.
High
CVE-2023-43250
XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve…
High
CVE-2023-5632
In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption.…
High
CVE-2023-42319
Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the…
2023-10-17
Medium
CVE-2023-45810
OpenFGA is a flexible authorization/permission engine built for developers and inspired by Google Zanzibar. Affected versions of OpenFGA are vulnerable to a denial of service attack. When a number of…
Medium
CVE-2023-22130
Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticat…
Medium
CVE-2023-22129
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with…
Medium
CVE-2023-22127
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). The supported version that…
Medium
CVE-2023-22122
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 14.5-14.7. Difficult to expl…
Medium
CVE-2023-22119
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.3, 12.4, 14.0-14.3 a…
Medium
CVE-2023-22118
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.3, 12.4, 14.0-14.3 a…
Medium
CVE-2023-22115
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged…
Medium
CVE-2023-22114
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high priv…
Medium
CVE-2023-22112
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high priv…
Medium
CVE-2023-22111
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged…
Medium
CVE-2023-22110
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high priv…
Medium
CVE-2023-22104
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged atta…
Medium
CVE-2023-22103
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allow…
High
CVE-2023-22100
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.12. Easily exploitable vulnerability allows high p…
Medium
CVE-2023-22097
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high priv…
Medium
CVE-2023-22095
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). The supported version that is affected is 8.1.0. Easily exploitable vulnerability allows low privileged att…
High
CVE-2023-22094
Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Supported versions that are affected are Prior to 1.6.8. Easily exploitable vulnerability allows low pri…
Medium
CVE-2023-22092
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high priv…
Medium
CVE-2023-22084
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerabilit…
Medium
CVE-2023-22081
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8…
Medium
CVE-2023-22079
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows low privi…
Medium
CVE-2023-22078
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allow…
Medium
CVE-2023-22077
Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allow…
Low
CVE-2023-22075
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high p…
Low
CVE-2023-22074
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high p…
Medium
CVE-2023-22071
Vulnerability in the PL/SQL component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker…
Medium
CVE-2023-22070
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allow…
Medium
CVE-2023-22068
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high priv…
Medium
CVE-2023-22066
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high priv…
Medium
CVE-2023-22065
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high priv…
Medium
CVE-2023-22064
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high priv…
Medium
CVE-2023-22059
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allow…
Medium
CVE-2023-22032
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allow…
Medium
CVE-2023-22028
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.43 and prior and 8.0.31 and prior. Easily exploitable vulnerab…
Medium
CVE-2023-22026
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.42 and prior and 8.0.31 and prior. Easily exploitable vulnerab…
Medium
CVE-2023-22015
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.42 and prior and 8.0.31 and prior. Easily exploitable vulnerab…
Medium
CVE-2023-40373
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574.
Medium
CVE-2023-40372
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted SQL statement using External Tables. IBM X-Force ID: 263499.
Medium
CVE-2023-38719
IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. IBM X-Force ID: 261607.
2023-10-16
Medium
CVE-2023-40374
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted query statement. IBM X-Force ID: 263575.
High
CVE-2023-30991
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 254037.
Medium
CVE-2023-38740
IBM Db2 for Linux, UNIX, and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted SQL statement. IBM X-Force ID: 262613.
Medium
CVE-2023-38728
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258.
Medium
CVE-2023-38720
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to denial of service with a specially crafted ALTER TABLE statement. IBM X-Force ID: 261616.
Medium
CVE-2023-30987
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain databases. IBM X-Force ID: 253440.
Medium
CVE-2023-45660
Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial…
High
CVE-2023-40180
silverstripe-graphql is a package which serves Silverstripe data in GraphQL representations. An attacker could use a recursive graphql query to execute a Distributed Denial of Service attack (DDOS at…
High
CVE-2023-45985
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow in the function setParentalRules. This vulnerability allows attackers to…
Medium
CVE-2023-5595
Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.
2023-10-14
Medium
CVE-2023-45176
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a denial of service for integration nodes on Windows.…
High
CVE-2022-43740
IBM Security Verify Access OIDC Provider could allow a remote user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 238921.
2023-10-13
Medium
CVE-2023-32970
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denia…
High
CVE-2023-41682
A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 4.4.0, FortiSandbox 4.2.1 through 4.2.5, FortiSandbox 4.0.0 through 4.0.3, Fort…
High
CVE-2023-45468
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
High
CVE-2023-45464
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
High
CVE-2023-45463
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via…
Medium
CVE-2023-44204
An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon (rpd) Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacke…
Medium
CVE-2023-44203
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600 a…
High
CVE-2023-44199
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows a network-based, unauthenticated attacker…
High
CVE-2023-44197
An Out-of-Bounds Write vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Serv…
Medium
CVE-2023-44195
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network…
Medium
CVE-2023-44193
An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash…
High
CVE-2023-44192
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Se…
High
CVE-2023-44191
An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS…
High
CVE-2023-44185
An Improper Input Validation vulnerability in the routing protocol daemon (rpd) of Juniper Networks allows an attacker to cause a Denial of Service (DoS )to the device upon receiving and processing a…
Medium
CVE-2023-44184
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-base…
Medium
CVE-2023-44178
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated…
Medium
CVE-2023-44177
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service…