Total
3294 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-125026 | 1 Cloudflare | 1 Golz4 | 2025-04-11 | 9.8 Critical |
| LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user input. | ||||
| CVE-2014-3211 | 1 Publify | 1 Publify | 2025-04-11 | 7.5 High |
| Publify before 8.0.1 is vulnerable to a Denial of Service attack | ||||
| CVE-2021-4235 | 2 Redhat, Yaml Project | 3 Openshift, Openshift Data Foundation, Yaml | 2025-04-11 | 5.5 Medium |
| Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector. | ||||
| CVE-2019-25072 | 1 Tendermint | 1 Tendermint | 2025-04-11 | 7.5 High |
| Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector. | ||||
| CVE-2022-46740 | 1 Huawei | 2 Ws7100-20, Ws7100-20 Firmware | 2025-04-11 | 6.5 Medium |
| There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service (DoS) condition. | ||||
| CVE-2025-27081 | 2025-04-11 | 6.8 Medium | ||
| A potential security vulnerability in HPE NonStop OSM Service Connection Suite could potentially be exploited to allow a local Denial of Service. | ||||
| CVE-2013-6478 | 2 Pidgin, Redhat | 2 Pidgin, Enterprise Linux | 2025-04-11 | N/A |
| gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with underlying library support for wide Pango layouts, which allows user-assisted remote attackers to cause a denial of service (application crash) via a long URL that is examined with a tooltip. | ||||
| CVE-2013-6414 | 3 Redhat, Rhel Sam, Rubyonrails | 5 Openstack, Rhel Software Collections, 1.4 and 2 more | 2025-04-11 | N/A |
| actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to cause a denial of service (memory consumption) via a header containing an invalid MIME type that leads to excessive caching. | ||||
| CVE-2011-1083 | 3 Linux, Redhat, Suse | 9 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-11 | N/A |
| The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. | ||||
| CVE-2013-5745 | 3 Canonical, David King, Redhat | 3 Ubuntu Linux, Vino, Enterprise Linux | 2025-04-11 | N/A |
| The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote attackers to cause a denial of service (infinite loop, CPU and disk consumption) via multiple crafted requests during authentication. | ||||
| CVE-2011-1082 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-11 | N/A |
| fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. | ||||
| CVE-2013-4517 | 2 Apache, Redhat | 10 Santuario Xml Security For Java, Jboss Bpms, Jboss Brms and 7 more | 2025-04-11 | N/A |
| Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures. | ||||
| CVE-2011-0999 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-04-11 | N/A |
| mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not prevent creation of a transparent huge page (THP) during the existence of a temporary stack for an exec system call, which allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact via a crafted application. | ||||
| CVE-2013-4363 | 2 Ruby-lang, Rubygems | 2 Ruby, Rubygems | 2025-04-11 | N/A |
| Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.2, 1.8.24 through 1.8.26, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. NOTE: this issue is due to an incomplete fix for CVE-2013-4287. | ||||
| CVE-2013-4287 | 3 Redhat, Ruby-lang, Rubygems | 7 Enterprise Linux, Enterprise Mrg, Openshift and 4 more | 2025-04-11 | N/A |
| Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. | ||||
| CVE-2011-0985 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors. | ||||
| CVE-2013-4180 | 2 Redhat, Theforeman | 3 Openstack, Satellite, Foreman | 2025-04-11 | N/A |
| The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted to a symbol. | ||||
| CVE-2011-0762 | 7 Canonical, Debian, Fedoraproject and 4 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2025-04-11 | N/A |
| The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. | ||||
| CVE-2010-5107 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2025-04-11 | N/A |
| The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections. | ||||
| CVE-2013-2763 | 1 Schneider-electric | 24 Modicon M340 Bmx Noc 0401, Modicon M340 Bmx Noc 0401 Firmware, Modicon M340 Bmx Noe 0100 and 21 more | 2025-04-11 | N/A |
| The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavior to deny PLC control functions. | ||||