Total
3419 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49767 | 2 Palletsprojects, Redhat | 3 Quart, Werkzeug, Openshift Ai | 2025-01-03 | 7.5 High |
| Werkzeug is a Web Server Gateway Interface web application library. Applications using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug prior to 3.0.6 to parse `multipart/form-data` requests (e.g. all flask applications) are vulnerable to a relatively simple but effective resource exhaustion (denial of service) attack. A specifically crafted form submission request can cause the parser to allocate and block 3 to 8 times the upload size in main memory. There is no upper limit; a single upload at 1 Gbit/s can exhaust 32 GB of RAM in less than 60 seconds. Werkzeug version 3.0.6 fixes this issue. | ||||
| CVE-2022-26832 | 1 Microsoft | 11 .net Framework, Windows 10, Windows 11 and 8 more | 2025-01-02 | 7.5 High |
| .NET Framework Denial of Service Vulnerability | ||||
| CVE-2023-36799 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Enterprise Linux and 1 more | 2025-01-01 | 6.5 Medium |
| .NET Core and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2023-38178 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2025-01-01 | 7.5 High |
| .NET Core and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2023-35298 | 1 Microsoft | 3 Windows 11 21h2, Windows 11 22h2, Windows Server 2022 | 2025-01-01 | 7.5 High |
| HTTP.sys Denial of Service Vulnerability | ||||
| CVE-2023-35339 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2025-01-01 | 7.5 High |
| Windows CryptoAPI Denial of Service Vulnerability | ||||
| CVE-2023-35329 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-01-01 | 6.5 Medium |
| Windows Authentication Denial of Service Vulnerability | ||||
| CVE-2023-33141 | 1 Microsoft | 1 Yet Another Reverse Proxy | 2025-01-01 | 7.5 High |
| Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability | ||||
| CVE-2023-32013 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-01-01 | 5.3 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2023-24862 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-01 | 5.5 Medium |
| Windows Secure Channel Denial of Service Vulnerability | ||||
| CVE-2023-23411 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-01-01 | 6.5 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2023-21728 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.5 High |
| Windows Netlogon Denial of Service Vulnerability | ||||
| CVE-2023-21557 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.5 High |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | ||||
| CVE-2023-21543 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 8.1 High |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | ||||
| CVE-2023-21547 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-01-01 | 7.5 High |
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | ||||
| CVE-2024-38236 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-12-31 | 7.5 High |
| DHCP Server Service Denial of Service Vulnerability | ||||
| CVE-2024-53647 | 1 Trendmicro | 1 Idsecurity | 2024-12-31 | 6.5 Medium |
| Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service. | ||||
| CVE-2024-41123 | 2 Redhat, Ruby-lang | 5 Enterprise Linux, Rhel E4s, Rhel Eus and 2 more | 2024-12-27 | 5.3 Medium |
| REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, `>]` and `]>`. The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities. | ||||
| CVE-2018-12121 | 2 Nodejs, Redhat | 9 Node.js, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2024-12-27 | 7.5 High |
| Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. | ||||
| CVE-2024-0115 | 2 Canonical, Nvidia | 3 Ubuntu Linux, Cv-cuda, Jetpack Software Development Kit | 2024-12-26 | 6.1 Medium |
| NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. A successful exploit of this vulnerability may lead to denial of service and data loss. | ||||