Search
Total
1165 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23524 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 7.5 HIGH |
| A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service. | |||||
| CVE-2023-37788 | 1 Goproxy Project | 1 Goproxy | 2023-07-27 | N/A | 7.5 HIGH |
| goproxy v1.1 was discovered to contain an issue which can lead to a Denial of service (DoS) via unspecified vectors. | |||||
| CVE-2023-37143 | 1 Microsoft | 1 Chakracore | 2023-07-27 | N/A | 5.5 MEDIUM |
| ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function BackwardPass::IsEmptyLoopAfterMemOp(). | |||||
| CVE-2023-37142 | 1 Microsoft | 1 Chakracore | 2023-07-27 | N/A | 5.5 MEDIUM |
| ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::EntryPointInfo::HasInlinees(). | |||||
| CVE-2023-37140 | 1 Microsoft | 1 Chakracore | 2023-07-27 | N/A | 5.5 MEDIUM |
| ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::DiagScopeVariablesWalker::GetChildrenCount(). | |||||
| CVE-2023-37141 | 1 Microsoft | 1 Chakracore | 2023-07-27 | N/A | 5.5 MEDIUM |
| ChakraCore branch master cbb9b was discovered to contain a segmentation violation via the function Js::ProfilingHelpers::ProfiledNewScArray(). | |||||
| CVE-2023-3585 | 1 Mattermost | 1 Mattermost Server | 2023-07-27 | N/A | 4.3 MEDIUM |
| Mattermost Boards fail to properly validate a board link, allowing an attacker to crash a channel by posting a specially crafted boards link. | |||||
| CVE-2023-3614 | 1 Mattermost | 1 Mattermost Server | 2023-07-26 | N/A | 3.3 LOW |
| Mattermost fails to properly validate a gif image file, allowing an attacker to consume a significant amount of server resources, making the server unresponsive for an extended period of time by linking to specially crafted image file. | |||||
| CVE-2023-37475 | 1 Avro Project | 1 Avro | 2023-07-26 | N/A | 7.5 HIGH |
| Hamba avro is a go lang encoder/decoder implementation of the avro codec specification. In affected versions a well-crafted string passed to avro's `github.com/hamba/avro/v2.Unmarshal()` can throw a `fatal error: runtime: out of memory` which is unrecoverable and can cause denial of service of the consumer of avro. The root cause of the issue is that avro uses part of the input to `Unmarshal()` to determine the size when creating a new slice and hence an attacker may consume arbitrary amounts of memory which in turn may cause the application to crash. This issue has been addressed in commit `b4a402f4` which has been included in release version `2.13.0`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2022-30858 | 1 Ngiflib Project | 1 Ngiflib | 2023-07-26 | N/A | 6.5 MEDIUM |
| An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif when use SDLaffgif. poc : ./SDLaffgif CA_file2_0 | |||||
| CVE-2021-43859 | 4 Debian, Fedoraproject, Oracle and 1 more | 10 Debian Linux, Fedora, Commerce Guided Search and 7 more | 2022-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. XStream 1.4.19 monitors and accumulates the time it takes to add elements to collections and throws an exception if a set threshold is exceeded. Users are advised to upgrade as soon as possible. Users unable to upgrade may set the NO_REFERENCE mode to prevent recursion. See GHSA-rmr5-cpv2-vgjf for further details on a workaround if an upgrade is not possible. | |||||
| CVE-2021-3629 | 1 Redhat | 6 Enterprise Linux, Integration, Jboss Enterprise Application Platform and 3 more | 2022-07-29 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final. | |||||
| CVE-2021-3822 | 1 Jsoneditoronline | 1 Jsoneditor | 2022-07-29 | 5.0 MEDIUM | 7.5 HIGH |
| jsoneditor is vulnerable to Inefficient Regular Expression Complexity | |||||
| CVE-2020-21405 | 1 H96tvbox | 2 H96 Pro Plus, H96 Pro Plus Firmware | 2022-07-27 | N/A | 7.5 HIGH |
| An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via calls to the saveDeepColorAttr service.unk | |||||
| CVE-2021-21341 | 4 Debian, Fedoraproject, Oracle and 1 more | 10 Debian Linux, Fedora, Banking Enterprise Default Management and 7 more | 2022-07-27 | 7.1 HIGH | 7.5 HIGH |
| XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. | |||||
| CVE-2022-24839 | 1 Nekohtml Project | 1 Nekohtml | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
| org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability. | |||||
| CVE-2022-24729 | 2 Ckeditor, Drupal | 2 Ckeditor, Drupal | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
| CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds. | |||||
| CVE-2021-4115 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-07-25 | 2.1 LOW | 5.5 MEDIUM |
| There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned | |||||
| CVE-2021-3749 | 1 Axios | 1 Axios | 2022-07-25 | 7.8 HIGH | 7.5 HIGH |
| axios is vulnerable to Inefficient Regular Expression Complexity | |||||
| CVE-2021-3737 | 5 Canonical, Fedoraproject, Netapp and 2 more | 14 Ubuntu Linux, Fedora, Hci and 11 more | 2022-07-25 | 7.1 HIGH | 7.5 HIGH |
| A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-37136 | 4 Netapp, Netty, Oracle and 1 more | 9 Oncommand Insight, Netty, Banking Apis and 6 more | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
| The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack | |||||
| CVE-2021-37137 | 4 Netapp, Netty, Oracle and 1 more | 9 Oncommand Insight, Netty, Banking Apis and 6 more | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
| The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk. | |||||
| CVE-2022-2406 | 1 Mattermost | 1 Mattermost | 2022-07-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API. | |||||
| CVE-2022-1699 | 1 Organizr | 1 Organizr | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
| Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. | |||||
| CVE-2022-31129 | 1 Momentjs | 1 Moment | 2022-07-23 | 5.0 MEDIUM | 7.5 HIGH |
| moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input. | |||||
| CVE-2022-1210 | 2 Libtiff, Netapp | 2 Libtiff, Ontap Select Deploy Administration Utility | 2022-07-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-27937 | 1 Pexip | 1 Pexip Infinity | 2022-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264. | |||||
| CVE-2022-30791 | 1 Codesys | 19 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 Sl and 16 more | 2022-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. | |||||
| CVE-2022-30792 | 1 Codesys | 19 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 Sl and 16 more | 2022-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. | |||||
| CVE-2022-31080 | 1 Linuxfoundation | 1 Kubeedge | 2022-07-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, a large response received by the viaduct WSClient can cause a DoS from memory exhaustion. The entire body of the response is being read into memory which could allow an attacker to send a request that returns a response with a large body. The consequence of the exhaustion is that the process which invokes a WSClient will be in a denial of service. The software is affected If users who are authenticated to the edge side connect to `cloudhub` from the edge side through WebSocket protocol. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There are currently no known workarounds. | |||||
| CVE-2022-31079 | 1 Linuxfoundation | 1 Kubeedge | 2022-07-16 | 3.5 LOW | 6.5 MEDIUM |
| KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the Cloud Stream server and the Edge Stream server reads the entire message into memory without imposing a limit on the size of this message. An attacker can exploit this by sending a large message to exhaust memory and cause a DoS. The Cloud Stream server and the Edge Stream server are under DoS attack in this case. The consequence of the exhaustion is that the CloudCore and EdgeCore will be in a denial of service. Only an authenticated user can cause this issue. It will be affected only when users enable `cloudStream` module in the config file `cloudcore.yaml` and enable `edgeStream` module in the config file `edgecore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable cloudStream module in the config file `cloudcore.yaml` and disable edgeStream module in the config file `edgecore.yaml`. | |||||
| CVE-2022-31078 | 1 Linuxfoundation | 1 Kubeedge | 2022-07-16 | 3.5 LOW | 6.5 MEDIUM |
| KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the CloudCore Router does not impose a limit on the size of responses to requests made by the REST handler. An attacker could use this weakness to make a request that will return an HTTP response with a large body and cause DoS of CloudCore. In the HTTP Handler API, the rest handler makes a request to a pre-specified handle. The handle will return an HTTP response that is then read into memory. The consequence of the exhaustion is that CloudCore will be in a denial of service. Only an authenticated user of the cloud can make an attack. It will be affected only when users enable `router` module in the config file `cloudcore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the router switch in the config file `cloudcore.yaml`. | |||||
| CVE-2022-31075 | 1 Linuxfoundation | 1 Kubeedge | 2022-07-16 | 3.5 LOW | 6.5 MEDIUM |
| KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, EdgeCore may be susceptible to a DoS attack on CloudHub if an attacker was to send a well-crafted HTTP request to `/edge.crt`. If an attacker can send a well-crafted HTTP request to CloudHub, and that request has a very large body, that request can crash the HTTP service through a memory exhaustion vector. The request body is being read into memory, and a body that is larger than the available memory can lead to a successful attack. Because the request would have to make it through authorization, only authorized users may perform this attack. The consequence of the exhaustion is that CloudHub will be in denial of service. KubeEdge is affected only when users enable the CloudHub module in the file `cloudcore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the CloudHub switch in the config file `cloudcore.yaml`. | |||||
| CVE-2022-31074 | 1 Linuxfoundation | 1 Kubeedge | 2022-07-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, several endpoints in the Cloud AdmissionController may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. The consequence of the exhaustion is that the Cloud AdmissionController will be in denial of service. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There is currently no known workaround. | |||||
| CVE-2022-31073 | 1 Linuxfoundation | 1 Kubeedge | 2022-07-16 | 4.3 MEDIUM | 7.5 HIGH |
| KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the ServiceBus server on the edge side may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. It is possible for the node to be exhausted of memory. The consequence of the exhaustion is that other services on the node, e.g. other containers, will be unable to allocate memory and thus causing a denial of service. Malicious apps accidentally pulled by users on the host and have the access to send HTTP requests to localhost may make an attack. It will be affected only when users enable the `ServiceBus` module in the config file `edgecore.yaml`. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. As a workaround, disable the `ServiceBus` module in the config file `edgecore.yaml`. | |||||
| CVE-2022-2048 | 1 Eclipse | 1 Jetty | 2022-07-15 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests. | |||||
| CVE-2022-20808 | 1 Cisco | 1 Smart Software Manager On-prem | 2022-07-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. An attacker could exploit this vulnerability by sending multiple device registration requests to Cisco SSM On-Prem. A successful exploit could allow the attacker to cause a DoS condition on an affected device. | |||||
| CVE-2022-31110 | 1 Rsshub | 1 Rsshub | 2022-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| RSSHub is an open source, extensible RSS feed generator. In commits prior to 5c4177441417 passing some special values to the `filter` and `filterout` parameters can cause an abnormally high CPU. This results in an impact on the performance of the servers and RSSHub services which may lead to a denial of service. This issue has been fixed in commit 5c4177441417 and all users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2014-3648 | 1 Redhat | 1 Jboss Aerogear | 2022-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registered with bad deviceTokens, one can generate endless exceptions when those endpoints can't be reached or can slow the server down by purposefully wasting it's time with slow endpoints. Similarly, one can provide whatever HTTP end point they want. This turns the server into a DDOS vector or an anonymizer for the posting of malware and so on. | |||||
| CVE-2022-30591 | 1 Quic-go Project | 1 Quic-go | 2022-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtu_discoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the vendor's position is that this behavior should not be listed as a vulnerability on the CVE List. | |||||
| CVE-2021-34549 | 1 Torproject | 1 Tor | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency. | |||||
| CVE-2022-25622 | 1 Siemens | 23 Simatic Cfu Diq, Simatic Cfu Diq Firmware, Simatic Cfu Pa and 20 more | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= 4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions), SINAMICS DCM (All versions with Ethernet interface), SINAMICS G110M (All versions with Ethernet interface), SINAMICS G115D (All versions with Ethernet interface), SINAMICS G120 (incl. SIPLUS variants) (All versions with Ethernet interface), SINAMICS G130 (All versions), SINAMICS G150 (All versions), SINAMICS S110 (All versions with Ethernet interface), SINAMICS S120 (incl. SIPLUS variants) (All versions), SINAMICS S150 (All versions), SINAMICS S210 (All versions), SINAMICS V90 (All versions with Ethernet interface), SIPLUS HCS4200 CIM4210 (All versions), SIPLUS HCS4200 CIM4210C (All versions), SIPLUS HCS4300 CIM4310 (All versions), SIPLUS NET PN/PN Coupler (All versions >= 4.2). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments. | |||||
| CVE-2021-24893 | 1 Stars Rating Project | 1 Stars Rating | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated. | |||||
| CVE-2020-20230 | 1 Mikrotik | 1 Routeros | 2022-07-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the sshd process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | |||||
| CVE-2020-20217 | 1 Mikrotik | 1 Routeros | 2022-07-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/route process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | |||||
| CVE-2020-20248 | 1 Mikrotik | 1 Routeros | 2022-07-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | |||||
| CVE-2020-20221 | 1 Mikrotik | 1 Routeros | 2022-07-10 | 6.8 MEDIUM | 6.5 MEDIUM |
| Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | |||||
| CVE-2022-26477 | 1 Apache | 1 Systemds | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| The Security Team noticed that the termination condition of the for loop in the readExternal method is a controllable variable, which, if tampered with, may lead to CPU exhaustion. As a fix, we added an upper bound and termination condition in the read and write logic. We classify it as a "low-priority but useful improvement". SystemDS is a distributed system and needs to serialize/deserialize data but in many code paths (e.g., on Spark broadcast/shuffle or writing to sequence files) the byte stream is anyway protected by additional CRC fingerprints. In this particular case though, the number of decoders is upper-bounded by twice the number of columns, which means an attacker would need to modify two entries in the byte stream in a consistent manner. By adding these checks robustness was strictly improved with almost zero overhead. These code changes are available in versions higher than 2.2.1. | |||||
| CVE-2021-20600 | 1 Mitsubishielectric | 2 R12ccpu-v, R12ccpu-v Firmware | 2022-07-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| Uncontrolled resource consumption in Mitsubishi Electric MELSEC iQ-R series C Controller Module R12CCPU-V Firmware Versions "16" and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending a large number of packets in a short time while the module starting up. System reset is required for recovery. | |||||
| CVE-2022-31016 | 1 Linuxfoundation | 1 Argo-cd | 2022-07-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| Argo CD is a declarative continuous deployment for Kubernetes. Argo CD versions v0.7.0 and later are vulnerable to an uncontrolled memory consumption bug, allowing an authorized malicious user to crash the repo-server service, resulting in a Denial of Service. The attacker must be an authenticated Argo CD user authorized to deploy Applications from a repository which contains (or can be made to contain) a large file. The fix for this vulnerability is available in versions 2.3.5, 2.2.10, 2.1.16, and later. There are no known workarounds. Users are recommended to upgrade. | |||||