Total
2180 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30406 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | N/A | 5.5 MEDIUM |
| Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c. | |||||
| CVE-2022-24109 | 1 Opennetworking | 1 Onos | 2025-02-05 | N/A | 6.5 MEDIUM |
| An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote attacker can install a duplicate intent with a different key, and then remove the duplicate one. This will remove the flow rules of the intent, even though the intent still exists in the controller. | |||||
| CVE-2022-24035 | 1 Opennetworking | 1 Onos | 2025-02-05 | N/A | 7.5 HIGH |
| An issue was discovered in ONOS 2.5.1. The purge-requested intent remains on the list, but it does not respond to changes in topology (e.g., link failure). In combination with other applications, it could lead to a failure of network management. | |||||
| CVE-2024-53851 | 2025-02-04 | N/A | 4.3 MEDIUM | ||
| Discourse is an open source platform for community discussion. In affected versions the endpoint for generating inline oneboxes for URLs wasn't enforcing limits on the number of URLs that it accepted, allowing a malicious user to inflict denial of service on some parts of the app. This vulnerability is only exploitable by authenticated users. This issue has been patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. Users unable to upgrade should turn off the `enable inline onebox on all domains` site setting and remove all entries from the `allowed inline onebox domains` site setting. | |||||
| CVE-2023-29479 | 1 Ribose | 1 Rnp | 2025-02-04 | N/A | 5.3 MEDIUM |
| Ribose RNP before 0.16.3 may hang when the input is malformed. | |||||
| CVE-2024-0157 | 1 Dell | 2 Storage Monitoring And Reporting, Storage Resource Manager | 2025-02-04 | N/A | 5.9 MEDIUM |
| Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM Windows Host Agent. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to the hijack of a targeted user's application session. | |||||
| CVE-2024-47239 | 1 Dell | 1 Powerscale Onefs | 2025-02-04 | N/A | 6.5 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2024-23450 | 1 Elastic | 1 Elasticsearch | 2025-02-04 | N/A | 4.9 MEDIUM |
| A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash. | |||||
| CVE-2023-26595 | 1 Cybozu | 1 Garoon | 2025-01-28 | N/A | 6.5 MEDIUM |
| Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition. | |||||
| CVE-2023-33297 | 1 Bitcoin | 1 Bitcoin Core | 2025-01-28 | N/A | 7.5 HIGH |
| Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023. | |||||
| CVE-2022-4008 | 1 Octopus | 1 Octopus Server | 2025-01-28 | N/A | 5.5 MEDIUM |
| In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service | |||||
| CVE-2025-21270 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2025-21231 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 7.5 HIGH |
| IP Helper Denial of Service Vulnerability | |||||
| CVE-2025-21230 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2025-21218 | 1 Microsoft | 6 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 3 more | 2025-01-27 | N/A | 7.5 HIGH |
| Windows Kerberos Denial of Service Vulnerability | |||||
| CVE-2025-21207 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-01-27 | N/A | 7.5 HIGH |
| Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | |||||
| CVE-2023-28356 | 1 Rocket.chat | 1 Rocket.chat | 2025-01-27 | N/A | 7.5 HIGH |
| A vulnerability has been identified where a maliciously crafted message containing a specific chain of characters can cause the chat to enter a hot loop on one of the processes, consuming ~120% CPU and rendering the service unresponsive. | |||||
| CVE-2024-12345 | 2025-01-27 | 4.3 MEDIUM | 4.4 MEDIUM | ||
| A vulnerability classified as problematic was found in INW Krbyyyzo 25.2002. Affected by this vulnerability is an unknown functionality of the file /gbo.aspx of the component Daily Huddle Site. The manipulation of the argument s leads to resource consumption. It is possible to launch the attack on the local host. Other endpoints might be affected as well. | |||||
| CVE-2025-21251 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2025-21300 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | 7.5 HIGH |
| Windows upnphost.dll Denial of Service Vulnerability | |||||