Search Results (6937 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-50685 1 Hipcam 1 Realserver 2026-04-15 7.5 High
An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service via a crafted script to the client_port parameter.
CVE-2021-4465 2 Request, Request Serious Play 3 Serious Play Pro, Request Serious Play, Request Serious Play Pro 2026-04-15 N/A
ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 contain a remote denial-of-service vulnerability. The device can be shut down or rebooted by an unauthenticated attacker through a single crafted HTTP GET request, allowing remote interruption of service availability.
CVE-2024-47972 2026-04-15 4 Medium
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource.
CVE-2024-54192 1 Appneta 1 Tcpreplay 2026-04-15 5.5 Medium
An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c.
CVE-2024-5422 2026-04-15 N/A
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 allows DoS via HTTP.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
CVE-2024-54730 2026-04-15 7.5 High
Flatnotes <v5.3.1 is vulnerable to denial of service through the upload image function.
CVE-2024-58306 1 Hans Alshoff 1 Minalic 2026-04-15 N/A
minaliC 2.0.0 contains a denial of service vulnerability that allows remote attackers to crash the web server by sending oversized GET requests. Attackers can send crafted HTTP requests with excessive data to overwhelm the server and cause service interruption.
CVE-2024-6126 1 Redhat 1 Enterprise Linux 2026-04-15 3.2 Low
A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.
CVE-2024-6162 1 Redhat 11 Apache Camel Hawtio, Apache Camel Spring Boot, Build Keycloak and 8 more 2026-04-15 7.5 High
A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processed. As a result, the server may attempt to access the wrong path, causing errors such as "404 Not Found" or other application failures. This flaw can potentially lead to a denial of service, as legitimate resources become inaccessible due to the path mix-up.
CVE-2024-6501 1 Redhat 2 Enterprise Linux, Openshift 2026-04-15 3.1 Low
A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service.
CVE-2024-7567 1 Rockwellautomation 2 Micro850 Firmware, Micro870 Firmware 2026-04-15 N/A
A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation Micro850/870 (2080 -L50E/2080 -L70E). If exploited, the CIP/Modbus communication may be disrupted for short duration.
CVE-2025-0426 1 Redhat 1 Openshift Data Foundation 2026-04-15 6.2 Medium
A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.
CVE-2025-13466 1 Expressjs 1 Body-parser 2026-04-15 5.3 Medium
body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This can lead to service slowdown or partial outages under sustained malicious traffic. This issue is addressed in version 2.2.1.
CVE-2025-13524 4 Amazon, Apple, Linux and 1 more 4 Aws Wickr, Macos, Linux and 1 more 2026-04-15 5.7 Medium
Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another user after they close their call window. This issue occurs under certain conditions, which require the affected user to take a particular action within the application To mitigate this issue, users should upgrade AWS Wickr, Wickr Gov and Wickr Enterprise desktop version to version 6.62.13.
CVE-2025-8872 1 Arista 1 Eos 2026-04-15 6.5 Medium
On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSFPv3 process to have high CPU utilization which may result in the OSFPv3 process being restarted. This may cause disruption in the OSFPv3 routes on the switch. This issue was discovered internally by Arista and is not aware of any malicious uses of this issue in customer networks.
CVE-2025-14027 1 Rockwellautomation 1 Controllogix 2026-04-15 N/A
Multiple denial-of-service vulnerabilities exist in the affected product. These issues can be triggered through various crafted inputs, including malformed Class 3 messages, memory leak conditions, and other resource exhaustion scenarios. Exploitation may cause the device to become unresponsive and, in some cases, result in a major nonrecoverable fault. Recovery may require a restart.
CVE-2023-31889 1 Asus 1 Asus Firmware 2026-04-15 5.5 Medium
An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4.380.8591 allows local attackers to cause a denial of service via crafted GET request.
CVE-2025-22242 2026-04-15 5.6 Medium
Worker process denial of service through file read operation. .A vulnerability exists in the Master's “pub_ret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerabilities by attempting to read from a filename that will not return any data, e.g. by targeting a pipe node on the proc file system.
CVE-2025-8449 1 Schneider-electric 3 Ecostruxure Building Operation Enterprise Server, Ecostruxure Enterprise Server, Ecostruxure Workstation 2026-04-15 N/A
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network.
CVE-2025-23165 1 Redhat 1 Enterprise Linux 2026-04-15 N/A
In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service. Impact: * This vulnerability affects APIs relying on `ReadFileUtf8` on Node.js release lines: v20 and v22.