Vulnerabilities (CVE)

Filtered by CWE-406
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38135 2024-11-22 N/A 8.6 HIGH
Possible External Service Interaction attack in iManager has been discovered in OpenTextâ„¢ iManager 3.2.6.0000.
CVE-2024-25015 2024-11-21 N/A 7.5 HIGH
IBM MQ 9.2 LTS, 9.3 LTS, and 9.3 CD Internet Pass-Thru could allow a remote user to cause a denial of service by sending HTTP requests that would consume all available resources. IBM X-Force ID: 281278.
CVE-2021-43547 1 Twinoakscomputing 1 Coredx Dds 2024-11-21 8.5 HIGH 7.5 HIGH
TwinOaks Computing CoreDX DDS versions prior to 5.9.1 are susceptible to exploitation when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure.
CVE-2021-38487 1 Rti 3 Connext Dds Micro, Connext Dds Professional, Connext Dds Secure 2024-11-21 6.4 MEDIUM 7.5 HIGH
RTI Connext DDS Professional, Connext DDS Secure versions 4.2x to 6.1.0, and Connext DDS Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure.
CVE-2021-38429 1 Objectcomputing 1 Opendds 2024-11-21 6.4 MEDIUM 6.6 MEDIUM
OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition and information exposure.
CVE-2019-14850 2 Nbdkit Project, Redhat 4 Nbdkit, Enterprise Linux, Enterprise Linux Server and 1 more 2024-11-21 2.6 LOW 3.7 LOW
A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resource consumption and degradation of service in nbdkit, depending on the plugins configured on the server-side.
CVE-2014-125036 1 Ansible-ntp Project 1 Ansible-ntp 2024-11-21 1.4 LOW 2.6 LOW
A vulnerability, which was classified as problematic, has been found in drybjed ansible-ntp. Affected by this issue is some unknown functionality of the file meta/main.yml. The manipulation leads to insufficient control of network message volume. The attack can only be done within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The patch is identified as ed4ca2cf012677973c220cdba36b5c60bfa0260b. It is recommended to apply a patch to fix this issue. VDB-217190 is the identifier assigned to this vulnerability.
CVE-2023-49203 2024-09-20 N/A 7.5 HIGH
Technitium 11.5.3 allows remote attackers to cause a denial of service (bandwidth amplification) because the DNSBomb manipulation causes accumulation of low-rate DNS queries such that there is a large-sized response in a burst of traffic.
CVE-2023-28455 2024-09-20 N/A 7.5 HIGH
An issue was discovered in Technitium through 11.0.2. The forwarding mode enables attackers to create a query loop using Technitium resolvers, launching amplification attacks and causing potential DoS.
CVE-2023-28456 2024-09-20 N/A 7.5 HIGH
An issue was discovered in Technitium through 11.0.2. It enables attackers to launch amplification attacks (3 times more than other "golden model" software like BIND) and cause potential DoS.