Filtered by CWE-400
Total 3286 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-46315 1 Huawei 1 Harmonyos 2025-04-17 7.5 High
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
CVE-2025-3016 1 Assimp 1 Assimp 2025-04-17 4.3 Medium
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulation of the argument mWidth/mHeight leads to resource consumption. The attack can be initiated remotely. Upgrading to version 6.0 is able to address this issue. The name of the patch is 5d2a7482312db2e866439a8c05a07ce1e718bed1. It is recommended to apply a patch to fix this issue.
CVE-2025-21614 2 Go-git Project, Redhat 8 Go-git, Advanced Cluster Security, Enterprise Linux and 5 more 2025-04-17 7.5 High
go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Users running versions of go-git from v4 and above are recommended to upgrade to v5.13 in order to mitigate this vulnerability.
CVE-2021-23236 1 Fresenius-kabi 8 Agilia Connect, Agilia Connect Firmware, Agilia Partner Maintenance Software and 5 more 2025-04-16 7.5 High
Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system.
CVE-2022-21155 4 Apple, Fernhillsoftware, Linux and 1 more 4 Macos, Scada Server, Linux Kernel and 1 more 2025-04-16 7.5 High
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process (FHSvrService.exe) to exit.
CVE-2021-43933 1 Fanuc 1 Roboguide 2025-04-16 6.1 Medium
The affected product is vulnerable to a network-based attack by threat actors sending unimpeded requests to the receiving server, which could cause a denial-of-service condition due to lack of heap memory resources.
CVE-2022-1797 1 Rockwellautomation 18 Compact Guardlogix 5370, Compact Guardlogix 5370 Firmware, Compact Guardlogix 5380 and 15 more 2025-04-16 6.8 Medium
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online.
CVE-2022-2004 1 Automationdirect 18 D0-06aa, D0-06aa Firmware, D0-06ar and 15 more 2025-04-16 7.5 High
AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;
CVE-2022-38100 1 Contechealth 2 Cms8000, Cms8000 Firmware 2025-04-16 7.5 High
The CMS800 device fails while attempting to parse malformed network data sent by a threat actor. A threat actor with network access can remotely issue a specially formatted UDP request that will cause the entire device to crash and require a physical reboot. A UDP broadcast request could be sent that causes a mass denial-of-service attack on all CME8000 devices connected to the same network.
CVE-2024-25269 2 Libheif, Struktur 2 Libheif, Libheif 2025-04-16 7.5 High
libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.
CVE-2024-28122 1 Lestrrat-go 1 Jwx 2025-04-16 6.8 Medium
JWX is Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies. This vulnerability allows an attacker with a trusted public key to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. This issue has been patched in versions 1.2.29 and 2.0.21.
CVE-2024-56528 1 Snowplow 1 Stream Collector 2025-04-15 7.5 High
This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless it’s set up behind a reverse proxy that establishes payload limits). It involves sending very large payloads to the Collector and can render it unresponsive to the rest of the requests. As a result, data would not enter the pipeline and would be potentially lost.
CVE-2021-40406 1 Reolink 2 Rlc-410w, Rlc-410w Firmware 2025-04-15 7.5 High
A denial of service vulnerability exists in the cgiserver.cgi session creation functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to prevent users from logging in. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2024-34483 1 Facuet 1 Ryu 2025-04-15 7.5 High
OFPGroupDescStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via OFPBucket.len=0.
CVE-2024-57724 1 Sammycage 1 Lunasvg 2025-04-15 6.5 Medium
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component gray_record_cell.
CVE-2024-11040 2025-04-15 N/A
** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-8939. Notes: All CVE users should reference CVE-2024-8939 instead of this CVE Record. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2022-42929 2 Mozilla, Redhat 6 Firefox, Firefox Esr, Thunderbird and 3 more 2025-04-15 6.5 Medium
If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
CVE-2022-40899 2 Pythoncharmers, Redhat 4 Python-future, Rhui, Satellite and 1 more 2025-04-15 7.5 High
An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server.
CVE-2022-40898 2 Redhat, Wheel Project 3 Enterprise Linux, Rhel Software Collections, Wheel 2025-04-15 7.5 High
An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
CVE-2022-1210 2 Libtiff, Netapp 2 Libtiff, Ontap Select Deploy Administration Utility 2025-04-15 4.3 Medium
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.