Search Results (6993 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-36431 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36435 1 Microsoft 4 .net, Windows 11 21h2, Windows 11 22h2 and 1 more 2025-04-14 7.5 High
Microsoft QUIC Denial of Service Vulnerability
CVE-2023-36579 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36606 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36703 1 Microsoft 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more 2025-04-14 7.5 High
DHCP Server Service Denial of Service Vulnerability
CVE-2021-35065 2 Gulpjs, Redhat 8 Glob-parent, Enterprise Linux, Logging and 5 more 2025-04-14 7.5 High
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
CVE-2021-4280 1 Styler Praat Scripts Project 1 Styler Praat Scripts 2025-04-14 4.3 Medium
A vulnerability was found in styler_praat_scripts. It has been classified as problematic. Affected is an unknown function of the file file_segmenter.praat of the component Slash Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The name of the patch is 0cad44aa4a3eb0ecdba071c10eaff16023d8b35f. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216780.
CVE-2022-3064 2 Redhat, Yaml Project 7 Enterprise Linux, Openshift, Openshift Devspaces and 4 more 2025-04-14 7.5 High
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
CVE-2022-3526 1 Linux 1 Linux Kernel 2025-04-14 5.3 Medium
A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211024.
CVE-2022-3594 3 Debian, Linux, Redhat 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more 2025-04-14 5.3 Medium
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.
CVE-2022-3663 1 Axiosys 1 Bento4 2025-04-14 5.3 Medium
A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. This issue affects the function AP4_StsdAtom of the file Ap4StsdAtom.cpp of the component MP4fragment. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212003.
CVE-2022-3668 1 Axiosys 1 Bento4 2025-04-14 5.3 Medium
A vulnerability has been found in Axiomatic Bento4 and classified as problematic. This vulnerability affects the function AP4_AtomFactory::CreateAtomFromStream of the component mp4edit. The manipulation leads to memory leak. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212008.
CVE-2022-3669 1 Axiosys 1 Bento4 2025-04-14 5.3 Medium
A vulnerability was found in Axiomatic Bento4 and classified as problematic. This issue affects the function AP4_AvccAtom::Create of the component mp4edit. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212009 was assigned to this vulnerability.
CVE-2020-26302 1 Is.js Project 1 Is.js 2025-04-14 7.5 High
is.js is a general-purpose check library. Versions 0.9.0 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). is.js uses a regex copy-pasted from a gist to validate URLs. Trying to validate a malicious string can cause the regex to loop “forever." This vulnerability was found using a CodeQL query which identifies inefficient regular expressions. is.js has no patch for this issue.
CVE-2016-2061 1 Linux 1 Linux Kernel 2025-04-12 7.8 High
Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call.
CVE-2015-3225 4 Debian, Opensuse, Rack Project and 1 more 6 Debian Linux, Opensuse, Rack and 3 more 2025-04-12 N/A
lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.
CVE-2015-3195 9 Apple, Canonical, Debian and 6 more 28 Mac Os X, Ubuntu Linux, Debian Linux and 25 more 2025-04-12 5.3 Medium
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.
CVE-2015-4024 5 Apple, Hp, Oracle and 2 more 13 Mac Os X, System Management Homepage, Linux and 10 more 2025-04-12 N/A
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
CVE-2014-1500 5 Mozilla, Opensuse, Opensuse Project and 2 more 8 Firefox, Seamonkey, Opensuse and 5 more 2025-04-12 N/A
Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.
CVE-2014-3122 4 Canonical, Debian, Linux and 1 more 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more 2025-04-12 N/A
The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings.