Search Results (4086 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-36620 1 Enumstringvalues Project 1 Enumstringvalues 2025-04-15 3.5 Low
A vulnerability was found in Brondahl EnumStringValues up to 4.0.0. It has been declared as problematic. This vulnerability affects the function GetStringValuesWithPreferences_Uncache of the file EnumStringValues/EnumExtensions.cs. The manipulation leads to resource consumption. Upgrading to version 4.0.1 is able to address this issue. The name of the patch is c0fc7806beb24883cc2f9543ebc50c0820297307. It is recommended to upgrade the affected component. VDB-216466 is the identifier assigned to this vulnerability.
CVE-2023-36431 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36435 1 Microsoft 4 .net, Windows 11 21h2, Windows 11 22h2 and 1 more 2025-04-14 7.5 High
Microsoft QUIC Denial of Service Vulnerability
CVE-2023-36579 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36606 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36703 1 Microsoft 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more 2025-04-14 7.5 High
DHCP Server Service Denial of Service Vulnerability
CVE-2021-35065 2 Gulpjs, Redhat 8 Glob-parent, Enterprise Linux, Logging and 5 more 2025-04-14 7.5 High
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
CVE-2022-3064 2 Redhat, Yaml Project 7 Enterprise Linux, Openshift, Openshift Devspaces and 4 more 2025-04-14 7.5 High
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
CVE-2020-26302 1 Is.js Project 1 Is.js 2025-04-14 7.5 High
is.js is a general-purpose check library. Versions 0.9.0 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). is.js uses a regex copy-pasted from a gist to validate URLs. Trying to validate a malicious string can cause the regex to loop “forever." This vulnerability was found using a CodeQL query which identifies inefficient regular expressions. is.js has no patch for this issue.
CVE-2016-6172 2 Opensuse, Powerdns 3 Leap, Opensuse, Authoritative Server 2025-04-12 N/A
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
CVE-2015-5143 5 Canonical, Debian, Djangoproject and 2 more 5 Ubuntu Linux, Debian Linux, Django and 2 more 2025-04-12 N/A
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
CVE-2014-3708 2 Openstack, Redhat 2 Nova, Openstack 2025-04-12 N/A
OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request.
CVE-2014-8117 5 Canonical, File Project, Freebsd and 2 more 5 Ubuntu Linux, File, Freebsd and 2 more 2025-04-12 N/A
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.
CVE-2016-9685 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-12 N/A
Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.
CVE-2015-3289 1 Openstack 1 Glance 2025-04-12 N/A
OpenStack Glance before 2015.1.1 (kilo) allows remote authenticated users to cause a denial of service (disk consumption) by repeatedly using the import task flow API to create images and then deleting them.
CVE-2014-3608 2 Openstack, Redhat 2 Nova, Openstack 2025-04-12 N/A
The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573.
CVE-2016-2061 1 Linux 1 Linux Kernel 2025-04-12 7.8 High
Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call.
CVE-2014-3555 2 Openstack, Redhat 2 Neutron, Openstack 2025-04-12 N/A
OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.
CVE-2014-9410 1 Linux 1 Linux Kernel 2025-04-12 9.8 Critical
The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate a certain id value, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that makes a crafted ioctl call.
CVE-2014-3407 1 Cisco 1 Adaptive Security Appliance Software 2025-04-12 N/A
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.