CVE Daily
← All tags

Tag: Denial of Service (DoS)

All CVEs associated with "Denial of Service (DoS)". Page 63/331 • 39664 CVEs.

Subscribe CVEs: RSS for “Denial of Service (DoS)”  ·  RSS (High+Critical only)

About “Denial of Service (DoS)”

A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39664 CVEs for this tag (all time). In the last 365 days, 3231 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2023-07-18
Medium

CVE-2023-22031

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 14.1.1.0.0 and 12.2.1.4.0. Difficult to exploit vulnerabi…

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2023-22027

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Server). The supported version that is affected is 7.0.0.0.0. Easily exploitab…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2023-22021

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Server). Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Eas…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2023-22017

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable vulner…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2023-22016

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable vulner…

CVSS: 4.2 CWE: N/A View on NVD
Medium

CVE-2023-22011

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Server). Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Eas…

CVSS: 5.4 CWE: N/A View on NVD
Medium

CVE-2023-22008

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged atta…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2023-22007

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Easily exploitable vulner…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2023-22005

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows high…

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2023-21983

Vulnerability in the Application Express Administration product of Oracle Application Express (component: None). Supported versions that are affected are Application Express Administration: 18.2-22.…

CVSS: 5.6 CWE: N/A View on NVD
Medium

CVE-2023-21950

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high pr…

CVSS: 4.9 CWE: N/A View on NVD
High

CVE-2023-37788

goproxy v1.1 was discovered to contain an issue which can lead to a Denial of service (DoS) via unspecified vectors.

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Low

CVE-2023-37481

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service (DoS) attack. Attacke…

CVSS: 2.7 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Low

CVE-2023-37480

Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. The Fides webserver is vulnerable to a type of Denial of Service (DoS) attack. Attacke…

CVSS: 2.7 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2023-30383

TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead t…

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-47085

An issue was discovered in ostree before 2022.7 allows attackers to cause a denial of service or other unspecified impacts via the print_panic function in repo_checkout_filter.rs.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2022-41409

Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.

CVSS: 7.5 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2022-33065

Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or…

CVSS: 7.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2022-33064

An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspe…

CVSS: 7.8 CWE: CWE-193 - Off-by-one Error View on NVD
High

CVE-2021-34119

A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ps-pdf.cxx ,this flaw possibly allows possible code execution and a denial of service via a crafted file.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2021-33294

In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.

CVSS: 5.5 CWE: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop') View on NVD
Medium

CVE-2020-23911

An issue was discovered in asn1c through v0.9.28. A NULL pointer dereference exists in the function _default_error_logger() located in asn1fix.c. It allows an attacker to cause Denial of Service.

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
2023-07-17
Medium

CVE-2023-34140

A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versi…

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-37475

Hamba avro is a go lang encoder/decoder implementation of the avro codec specification. In affected versions a well-crafted string passed to avro's `github.com/hamba/avro/v2.Unmarshal()` can throw a…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2023-34669

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.

CVSS: 7.5 CWE: CWE-203 - Observable Discrepancy View on NVD
2023-07-14
Medium

CVE-2023-36818

Discourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003…

CVSS: 6.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2023-36850

An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault Management(CFM) module of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 an…

CVSS: 6.5 CWE: CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input View on NVD
Medium

CVE-2023-38253

An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

CVSS: 4.7 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2023-38252

An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

CVSS: 4.7 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2023-36849

An Improper Check or Handling of Exceptional Conditions vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjac…

CVSS: 6.5 CWE: CWE-703 - Improper Check or Handling of Exceptional Conditions View on NVD
Medium

CVE-2023-36848

An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an unauthentica…

CVSS: 6.5 CWE: CWE-232 - Improper Handling of Undefined Values View on NVD
Medium

CVE-2023-36840

A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (Do…

CVSS: 5.5 CWE: CWE-617 - Reachable Assertion View on NVD
Medium

CVE-2023-36836

A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to c…

CVSS: 4.7 CWE: CWE-908 - Use of Uninitialized Resource View on NVD
High

CVE-2023-36835

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a…

CVSS: 7.5 CWE: CWE-754 - Improper Check for Unusual or Exceptional Conditions View on NVD
Medium

CVE-2023-36834

An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allows an adjacent attacker to cause a Denial…

CVSS: 6.5 CWE: CWE-372 - Incomplete Internal State Distinction View on NVD
Medium

CVE-2023-36838

An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of S…

CVSS: 5.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2023-36833

A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unaut…

CVSS: 6.5 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-28985

An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-base…

CVSS: 7.5 CWE: CWE-1286 - Improper Validation of Syntactic Correctness of Input View on NVD
High

CVE-2023-36832

An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to send specific packets t…

CVSS: 7.5 CWE: CWE-755 - Improper Handling of Exceptional Conditions View on NVD
High

CVE-2023-36831

An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak…

CVSS: 7.5 CWE: CWE-703 - Improper Check or Handling of Exceptional Conditions View on NVD
Medium

CVE-2023-3433

The "nickname" field within Savoir-faire Linux's Jami application is susceptible to a failed state when a user inserts special characters into the field. When present, these special characters, make…

CVSS: 5.5 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2023-3649

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

CVSS: 5.3 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-3648

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file

CVSS: 5.3 CWE: CWE-762 - Mismatched Memory Management Routines View on NVD
2023-07-13
Medium

CVE-2023-37837

libjpeg commit db33a6e was discovered to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. This vulnerability allows attackers to cause a Denial of Serv…

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2023-37836

libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craft…

CVSS: 6.5 CWE: CWE-617 - Reachable Assertion View on NVD
Medium

CVE-2023-37598

A Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function.

CVSS: 4.5 CWE: CWE-352 - Cross-Site Request Forgery (CSRF) View on NVD
High

CVE-2023-35945

Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAW…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2023-37463

cmark-gfm is an extended version of the C reference implementation of CommonMark, a rationalized version of Markdown syntax with a spec. Three polynomial time complexity issues in cmark-gfm may lead…

CVSS: 6.4 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2023-34458

mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the…

CVSS: 7.1 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2023-33768

Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service (DoS) via a crafted firm…

CVSS: 6.5 CWE: CWE-347 - Improper Verification of Cryptographic Signature View on NVD
High

CVE-2023-26597

Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning. S…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Critical

CVE-2023-25770

Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and version…

CVSS: 9.8 CWE: CWE-502 - Deserialization of Untrusted Data View on NVD
Critical

CVE-2023-25078

Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation.  See Honeywell Security Notification for recom…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2023-24480

Controller DoS due to stack overflow when decoding a message from the server.  See Honeywell Security Notification for recommendations on upgrading and versioning.

CVSS: 9.8 CWE: CWE-116 - Improper Encoding or Escaping of Output View on NVD
High

CVE-2023-24474

Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message

CVSS: 7.5 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Critical

CVE-2023-23585

Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation.  See Honeywell Security Notification for recommendations…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-22435

Experion server may experience a DoS due to a stack overflow when handling a specially crafted message.

CVSS: 7.5 CWE: CWE-697 - Incorrect Comparison View on NVD
High

CVE-2023-3424

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.3 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. A…

CVSS: 7.5 CWE: CWE-1333 - Inefficient Regular Expression Complexity View on NVD
High

CVE-2023-35691

there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. User interaction is not needed for exploitat…

CVSS: 7.2 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2023-21243

In validateForCommonR1andR2 of PasspointConfiguration.java, there is a possible way to inflate the size of a config file with no limits due to a buffer overflow. This could lead to local denial of se…

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-21240

In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not…

CVSS: 5.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
2023-07-12
Medium

CVE-2023-3635

GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using…

CVSS: 5.9 CWE: CWE-195 - Signed to Unsigned Conversion Error View on NVD
Medium

CVE-2023-3618

A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-3596

Where this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system th…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2020-20021

An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon.

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2023-3106

A NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message(sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message,…

CVSS: 6.6 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2023-33905

In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVSS: 4.4 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2023-33904

In hci_server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVSS: 4.4 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2023-33903

In FM service, there is a possible missing params check. This could lead to local denial of service with System execution privileges needed.

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2023-33897

In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVSS: 4.4 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2023-33896

In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVSS: 4.4 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-48451

In bluetooth service, there is a possible out of bounds write due to race condition. This could lead to local denial of service with System execution privileges needed.

CVSS: 4.1 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
Medium

CVE-2022-48450

In bluetooth service, there is a possible missing params check. This could lead to local denial of service with System execution privileges needed.

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2023-30226

An issue was discovered in function get_gnu_verneed in rizinorg Rizin prior to 0.5.0 verneed_entry allows attackers to cause a denial of service via crafted elf file.

CVSS: 5.5 CWE: CWE-834 - Excessive Iteration View on NVD
2023-07-11
High

CVE-2023-29984

Null pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3. Processing a specially crafted request may lead an affected product to…

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2023-35339

Windows CryptoAPI Denial of Service Vulnerability

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2023-35338

Windows Peer Name Resolution Protocol Denial of Service Vulnerability

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2023-35331

Windows Local Security Authority (LSA) Denial of Service Vulnerability

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2023-35330

Windows Extended Negotiation Denial of Service Vulnerability

CVSS: 7.5 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-35329

Windows Authentication Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2023-35321

Windows Deployment Services Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-170 - Improper Null Termination View on NVD
Medium

CVE-2023-35319

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2023-35318

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2023-35314

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2023-35298

HTTP.sys Denial of Service Vulnerability

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2023-33173

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-33172

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-33169

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-33168

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-33167

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-33166

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-33164

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2023-32084

HTTP.sys Denial of Service Vulnerability

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2023-32045

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVSS: 7.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2023-32044

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVSS: 7.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2023-32035

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2023-32034

Remote Procedure Call Runtime Denial of Service Vulnerability

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2023-3354

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the…

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2023-37597

Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function.

CVSS: 8.1 CWE: CWE-352 - Cross-Site Request Forgery (CSRF) View on NVD
High

CVE-2023-37596

Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via a crafted script to the deleteuser function.

CVSS: 8.1 CWE: CWE-352 - Cross-Site Request Forgery (CSRF) View on NVD
Medium

CVE-2020-20118

Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver.

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-36521

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.…

CVSS: 8.6 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD
High

CVE-2023-35921

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2023-35920

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2022-31810

A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login…

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2023-33990

SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing the service by crashing the service. An attacker with low privileged account and access to the local sys…

CVSS: 7.8 CWE: CWE-277 - Insecure Inherited Permissions View on NVD
2023-07-10
High

CVE-2023-34432

A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2023-22835

A security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an Issue that caused loss of frontend functionality to all…

CVSS: 7.7 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2023-34318

A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Medium

CVE-2023-32627

A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.

CVSS: 6.2 CWE: CWE-1077 - Floating Point Comparison with Incorrect Operator View on NVD
Medium

CVE-2023-26590

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

CVSS: 6.2 CWE: CWE-1077 - Floating Point Comparison with Incorrect Operator View on NVD
High

CVE-2023-30449

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 253439.

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2023-30448

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437.

CVSS: 5.9 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2023-30447

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253436.

CVSS: 5.9 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2023-30446

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253361…

CVSS: 5.9 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2023-30445

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253357.

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2023-30442

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper us…

CVSS: 5.9 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2023-28955

IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 could allow an authenticated user send a specially crafted request that could cause a denial of service. IBM X-Force ID: 251704.

CVSS: 6.5 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2023-27540

IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of se…

CVSS: 5.9 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD
Medium

CVE-2023-1902

The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may allow a malicious HCI Controller to cause the use of a dangling reference in…

CVSS: 5.9 CWE: CWE-416 - Use After Free View on NVD