CVE Daily
← All tags

Tag: Denial of Service (DoS)

All CVEs associated with "Denial of Service (DoS)". Page 93/331 • 39674 CVEs.

Subscribe CVEs: RSS for “Denial of Service (DoS)”  ·  RSS (High+Critical only)

About “Denial of Service (DoS)”

A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39674 CVEs for this tag (all time). In the last 365 days, 3241 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2022-01-14
Medium

CVE-2021-46195

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessiv…

CVSS: 5.5 CWE: CWE-674 - Uncontrolled Recursion View on NVD
Medium

CVE-2021-45767

GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS).

CVSS: 5.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2021-44713

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event action…

CVSS: 5.5 CWE: CWE-416 - Use After Free View on NVD
Medium

CVE-2021-42067

In SAP NetWeaver AS for ABAP and ABAP Platform - versions 701, 702, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 786, an attacker authenticated as a regular user can use the S/4 Hana dashbo…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2021-39659

In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. In rare instances, this could lead…

CVSS: 5.5 CWE: CWE-755 - Improper Handling of Exceptional Conditions View on NVD
High

CVE-2021-23567

The package colors after 1.4.0 are vulnerable to Denial of Service (DoS) that was introduced through an infinite loop in the americanFlag module. Unfortunately this appears to have been a purposeful…

CVSS: 7.5 CWE: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop') View on NVD
High

CVE-2021-20613

Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and prior, FX3U-ENET-L Firmware version 1.16 and prior and FX3U-ENET-P502 Firmware version 1.16 and prior allo…

CVSS: 7.5 CWE: CWE-665 - Improper Initialization View on NVD
High

CVE-2021-20612

Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2021-45763

GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed(). This vulnerability can lead to a Denial of Service (DoS).

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2021-45762

GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS).

CVSS: 5.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2022-21681

Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of servi…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2022-21680

Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2021-36781

A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This is…

CVSS: 5.9 CWE: CWE-276 - Incorrect Default Permissions View on NVD
Critical

CVE-2022-23219

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may…

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-23218

The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may…

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-20698

A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a d…

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2021-45760

GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS).

CVSS: 5.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2022-01-13
Medium

CVE-2021-40576

The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service.

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-40575

The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerabi…

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2021-40574

The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even c…

CVSS: 7.8 CWE: CWE-415 - Double Free View on NVD
Medium

CVE-2021-40573

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_list_del function in list.c, which allows attackers to cause a denial of service.

CVSS: 5.5 CWE: CWE-415 - Double Free View on NVD
Medium

CVE-2021-40572

The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service.

CVSS: 5.5 CWE: CWE-415 - Double Free View on NVD
High

CVE-2021-40571

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalat…

CVSS: 7.8 CWE: CWE-415 - Double Free View on NVD
High

CVE-2021-40570

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalatio…

CVSS: 7.8 CWE: CWE-415 - Double Free View on NVD
Medium

CVE-2021-40569

The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows attackers to cause a denial of service.

CVSS: 5.5 CWE: CWE-415 - Double Free View on NVD
High

CVE-2021-40568

A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code e…

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2021-40567

Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service.

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2021-39056

The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server (EDRSQL) could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID:…

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2021-30307

Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapd…

CVSS: 7.5 CWE: CWE-617 - Reachable Assertion View on NVD
High

CVE-2021-30301

Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2021-30300

Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon C…

CVSS: 7.5 CWE: CWE-704 - Incorrect Type Conversion or Cast View on NVD
2022-01-12
Medium

CVE-2021-40566

A Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of servic…

CVSS: 5.5 CWE: CWE-416 - Use After Free View on NVD
Medium

CVE-2021-40565

A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of ser…

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-40564

A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-40563

A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a deni…

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-40562

A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.

CVSS: 5.5 CWE: CWE-697 - Incorrect Comparison View on NVD
Medium

CVE-2021-37530

A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2021-37529

A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).

CVSS: 5.5 CWE: CWE-415 - Double Free View on NVD
Medium

CVE-2021-46225

A buffer overflow in the GmfOpenMesh() function of libMeshb v7.61 allows attackers to cause a Denial of Service (DoS) via a crafted MESH file.

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2021-36417

A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-0012

An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impa…

CVSS: 6.1 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
2022-01-11
Medium

CVE-2021-46283

nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of…

CVSS: 5.5 CWE: CWE-665 - Improper Initialization View on NVD
Medium

CVE-2022-21918

DirectX Graphics Kernel File Denial of Service Vulnerability

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2022-21911

.NET Framework Denial of Service Vulnerability

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2022-21890

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2022-21889

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2022-21883

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2022-21848

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2022-21847

Windows Hyper-V Denial of Service Vulnerability

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2022-21839

Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2021-34704

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to…

CVSS: 8.6 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2021-1573

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to…

CVSS: 8.6 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Medium

CVE-2021-44647

Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service.

CVSS: 5.5 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
High

CVE-2021-45460

A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege t…

CVSS: 8.1 CWE: CWE-428 - Unquoted Search Path or Element View on NVD
2022-01-10
High

CVE-2021-36414

A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2021-36411

An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability cau…

CVSS: 5.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2021-36409

There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the appli…

CVSS: 7.8 CWE: CWE-617 - Reachable Assertion View on NVD
Medium

CVE-2020-25427

A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service.

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-23218

When running with FIPS mode enabled, Mirantis Container Runtime 20.10.8 leaks memory during TLS Handshakes which could be abused to cause a denial of service.

CVSS: 5.3 CWE: CWE-401 - Missing Release of Memory after Effective Lifetime View on NVD
High

CVE-2021-46149

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. A denial of service (resource consumption) can be accomplished by searching for a very long key in…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2021-46055

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

CVSS: 5.5 CWE: CWE-617 - Reachable Assertion View on NVD
Medium

CVE-2021-46054

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

CVSS: 5.5 CWE: CWE-617 - Reachable Assertion View on NVD
Medium

CVE-2021-46053

A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL.

CVSS: 5.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2021-46052

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate.

CVSS: 5.5 CWE: CWE-617 - Reachable Assertion View on NVD
Medium

CVE-2021-46051

A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the Media_IsSelfContained function, which could cause a Denial of Service. .

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-46049

A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which could cause a Denial of Service.

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-46048

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions.

CVSS: 5.5 CWE: CWE-617 - Reachable Assertion View on NVD
Medium

CVE-2021-46046

A Pointer Derefernce Vulnerbility exists GPAC 1.0.1 the gf_isom_box_size function, which could cause a Denial of Service (context-dependent).

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-46045

GPAC 1.0.1 is affected by: Abort failed. The impact is: cause a denial of service (context-dependent).

CVSS: 5.5 CWE: N/A View on NVD
High

CVE-2021-20048

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the fi…

CVSS: 8.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2021-20046

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in t…

CVSS: 8.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Medium

CVE-2020-9061

Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung…

CVSS: 6.5 CWE: CWE-285 - Improper Authorization View on NVD
Medium

CVE-2020-9060

Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZEN20 version 5.03, ZooZ ZEN25 version 5.03, Aeon Labs ZW090-A…

CVSS: 6.5 CWE: CWE-346 - Origin Validation Error View on NVD
High

CVE-2020-9057

Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerab…

CVSS: 8.8 CWE: CWE-311 - Missing Encryption of Sensitive Data View on NVD
2022-01-06
Medium

CVE-2021-46044

A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent).

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-46043

A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service.

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-46042

A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service.

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-46041

A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service.

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2021-46039

A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent).

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-44590

In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploit…

CVSS: 6.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD
Medium

CVE-2022-22707

In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of…

CVSS: 5.9 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-01-05
Medium

CVE-2021-46038

A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent).

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2022-21653

Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collision a…

CVSS: 5.9 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2021-45833

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2021-45832

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).

CVSS: 5.5 CWE: CWE-674 - Uncontrolled Recursion View on NVD
Medium

CVE-2021-45831

A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Box via __strlen_avx2, which causes a Denial of Service.

CVSS: 5.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2021-45830

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2021-28713

Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen o…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2021-28712

Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen o…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2021-28711

Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen o…

CVSS: 6.5 CWE: N/A View on NVD
2022-01-04
Medium

CVE-2021-43850

Discourse is an open source platform for community discussion. In affected versions admins users can trigger a Denial of Service attack via the `/message-bus/_diagnostics` path. The impact of this vu…

CVSS: 6.8 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2021-41141

PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP,…

CVSS: 5.9 CWE: CWE-667 - Improper Locking View on NVD
Medium

CVE-2022-20023

In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution p…

CVSS: 6.5 CWE: CWE-772 - Missing Release of Resource after Effective Lifetime View on NVD
Medium

CVE-2022-20022

In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2022-20021

In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetoo…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2021-41789

In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed…

CVSS: 6.5 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2021-40111

In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computati…

CVSS: 6.5 CWE: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop') View on NVD
High

CVE-2021-40110

In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This affected Apache James…

CVSS: 7.5 CWE: N/A View on NVD
2022-01-03
Medium

CVE-2021-45829

HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.

CVSS: 5.5 CWE: CWE-404 - Improper Resource Shutdown or Release View on NVD
High

CVE-2021-39984

Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.

CVSS: 7.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2021-39975

Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2021-38576

A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the s…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2021-37119

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2021-37117

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2020-23026

A NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of service (DoS).

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2021-24893

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment das…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2021-35093

Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2021-30348

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Sna…

CVSS: 6.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2021-30283

Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS: 7.1 CWE: CWE-755 - Improper Handling of Exceptional Conditions View on NVD
2022-01-01
High

CVE-2021-41817

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

CVSS: 7.5 CWE: CWE-1333 - Inefficient Regular Expression Complexity View on NVD
2021-12-30
High

CVE-2021-4190

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file

CVSS: 7.5 CWE: CWE-834 - Excessive Iteration View on NVD
Medium

CVE-2021-4186

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

CVSS: 6.3 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2021-4185

Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

CVSS: 7.5 CWE: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop') View on NVD
High

CVE-2021-4184

Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

CVSS: 7.5 CWE: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop') View on NVD
Medium

CVE-2021-4183

Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file

CVSS: 5.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2021-4182

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

CVSS: 7.5 CWE: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop') View on NVD
High

CVE-2021-4181

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

CVSS: 7.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2021-20133

Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set the "message of t…

CVSS: 6.1 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
2021-12-29
Medium

CVE-2021-36724

ForeScout - SecureConnector Local Service DoS - A low privilaged user which doesn't have permissions to shutdown the secure connector service writes a large amount of characters in the installationPa…

CVSS: 6.1 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2021-12-27
High

CVE-2021-45700

An issue was discovered in the ckb crate before 0.40.0 for Rust. Attackers can cause a denial of service (Nervos CKB blockchain node crash) via a dead call that is used as a DepGroup.

CVSS: 7.5 CWE: N/A View on NVD