Total
940 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0480 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-03-03 | N/A | 5.5 MEDIUM |
| A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks. | |||||
| CVE-2022-38153 | 1 Wolfssl | 1 Wolfssl | 2023-03-01 | N/A | 5.9 MEDIUM |
| An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, only version 5.3.0 is exploitable. Man-in-the-middle attackers or a malicious server can crash TLS 1.2 clients during a handshake. If an attacker injects a large ticket (more than 256 bytes) into a NewSessionTicket message in a TLS 1.2 handshake, and the client has a non-empty session cache, the session cache frees a pointer that points to unallocated memory, causing the client to crash with a "free(): invalid pointer" message. NOTE: It is likely that this is also exploitable during TLS 1.3 handshakes between a client and a malicious server. With TLS 1.3, it is not possible to exploit this as a man-in-the-middle. | |||||
| CVE-2018-3711 | 1 Fastify | 1 Fastify | 2023-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Fastify node module before 0.38.0 is vulnerable to a denial-of-service attack by sending a request with "Content-Type: application/json" and a very large payload. | |||||
| CVE-2023-25171 | 1 Kiwitcms | 1 Kiwi Tcms | 2023-02-24 | N/A | 5.9 MEDIUM |
| Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources. Users should upgrade to v12.0 or later to receive a patch. As potential workarounds, users may install and configure a rate-limiting proxy in front of Kiwi TCMS and/or configure rate limits on their email server when possible. | |||||
| CVE-2022-36324 | 1 Siemens | 168 Scalance M-800, Scalance M-800 Firmware, Scalance S615 and 165 more | 2023-02-23 | N/A | 7.5 HIGH |
| Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack. | |||||
| CVE-2023-25576 | 1 Fastify | 1 Fastify-multipart | 2023-02-22 | N/A | 7.5 HIGH |
| @fastify/multipart is a Fastify plugin to parse the multipart content-type. Prior to versions 7.4.1 and 6.0.1, @fastify/multipart may experience denial of service due to a number of situations in which an unlimited number of parts are accepted. This includes the multipart body parser accepting an unlimited number of file parts, the multipart body parser accepting an unlimited number of field parts, and the multipart body parser accepting an unlimited number of empty parts as field parts. This is fixed in v7.4.1 (for Fastify v4.x) and v6.0.1 (for Fastify v3.x). There are no known workarounds. | |||||
| CVE-2018-16865 | 5 Canonical, Debian, Oracle and 2 more | 11 Ubuntu Linux, Debian Linux, Communications Session Border Controller and 8 more | 2023-02-13 | 4.6 MEDIUM | 7.8 HIGH |
| An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. | |||||
| CVE-2018-16864 | 5 Canonical, Debian, Oracle and 2 more | 11 Ubuntu Linux, Debian Linux, Communications Session Border Controller and 8 more | 2023-02-13 | 4.6 MEDIUM | 7.8 HIGH |
| An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. | |||||
| CVE-2008-2364 | 4 Apache, Canonical, Fedoraproject and 1 more | 7 Http Server, Ubuntu Linux, Fedora and 4 more | 2023-02-13 | 5.0 MEDIUM | N/A |
| The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. | |||||
| CVE-2005-2970 | 4 Apache, Canonical, Fedoraproject and 1 more | 6 Http Server, Ubuntu Linux, Fedora Core and 3 more | 2023-02-13 | 5.0 MEDIUM | N/A |
| Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. | |||||
| CVE-2020-14336 | 1 Redhat | 1 Openshift Container Platform | 2023-02-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2019-3882 | 6 Canonical, Debian, Fedoraproject and 3 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2023-02-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable. | |||||
| CVE-2019-14834 | 2 Fedoraproject, Thekelleys | 2 Fedora, Dnsmasq | 2023-02-12 | 4.3 MEDIUM | 3.7 LOW |
| A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. | |||||
| CVE-2017-15124 | 1 Qemu | 1 Qemu | 2023-02-12 | 7.8 HIGH | 7.5 HIGH |
| VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host. | |||||
| CVE-2016-8576 | 4 Debian, Opensuse, Qemu and 1 more | 6 Debian Linux, Leap, Qemu and 3 more | 2023-02-12 | 2.1 LOW | 6.0 MEDIUM |
| The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process. | |||||
| CVE-2023-22739 | 1 Discourse | 1 Discourse | 2023-02-06 | N/A | 6.5 MEDIUM |
| Discourse is an open source platform for community discussion. Versions prior to 3.0.1 (stable), 3.1.0.beta2 (beta), and 3.1.0.beta2 (tests-passed) are subject to Allocation of Resources Without Limits or Throttling. As there is no limit on data contained in a draft, a malicious user can create an arbitrarily large draft, forcing the instance to a crawl. This issue is patched in versions 3.0.1 (stable), 3.1.0.beta2 (beta), and 3.1.0.beta2 (tests-passed). There are no workarounds. | |||||
| CVE-2019-3721 | 1 Dell | 1 Emc Openmanage Server Administrator | 2023-02-03 | 7.8 HIGH | 7.5 HIGH |
| Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to compress each of the requested bytes, resulting in a crash due to excessive memory consumption and preventing users from accessing the system. | |||||
| CVE-2019-10163 | 2 Opensuse, Powerdns | 3 Backports, Leap, Authoritative | 2023-02-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue. | |||||
| CVE-2023-22397 | 1 Juniper | 2 Junos Os Evolved, Ptx10003 | 2023-01-24 | N/A | 6.1 MEDIUM |
| An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and knowledge of the environment to send certain specific genuine packets to begin a Time-of-check Time-of-use (TOCTOU) Race Condition attack which will cause a memory leak to begin. Once this condition begins, and as long as the attacker is able to sustain the offending traffic, a Distributed Denial of Service (DDoS) event occurs. As a DDoS event, the offending packets sent by the attacker will continue to flow from one device to another as long as they are received and processed by any devices, ultimately causing a cascading outage to any vulnerable devices. Devices not vulnerable to the memory leak will process and forward the offending packet(s) to neighboring devices. Due to internal anti-flood security controls and mechanisms reaching their maximum limit of response in the worst-case scenario, all affected Junos OS Evolved devices will reboot in as little as 1.5 days. Reboots to restore services cannot be avoided once the memory leak begins. The device will self-recover after crashing and rebooting. Operator intervention isn't required to restart the device. This issue affects: Juniper Networks Junos OS Evolved on PTX10003: All versions prior to 20.4R3-S4-EVO; 21.3 versions prior to 21.3R3-S1-EVO; 21.4 versions prior to 21.4R2-S2-EVO, 21.4R3-EVO; 22.1 versions prior to 22.1R1-S2-EVO, 22.1R2-EVO; 22.2 versions prior to 22.2R2-EVO. To check memory, customers may VTY to the PFE first then execute the following show statement: show jexpr jtm ingress-main-memory chip 255 | no-more Alternatively one may execute from the RE CLI: request pfe execute target fpc0 command "show jexpr jtm ingress-main-memory chip 255 | no-more" Iteration 1: Example output: Mem type: NH, alloc type: JTM 136776 bytes used (max 138216 bytes used) 911568 bytes available (909312 bytes from free pages) Iteration 2: Example output: Mem type: NH, alloc type: JTM 137288 bytes used (max 138216 bytes used) 911056 bytes available (909312 bytes from free pages) The same can be seen in the CLI below, assuming the scale does not change: show npu memory info Example output: FPC0:NPU16 mem-util-jnh-nh-size 2097152 FPC0:NPU16 mem-util-jnh-nh-allocated 135272 FPC0:NPU16 mem-util-jnh-nh-utilization 6 | |||||
| CVE-2017-11468 | 2 Docker, Redhat | 2 Docker Registry, Enterprise Linux Server | 2023-01-20 | 5.0 MEDIUM | 7.5 HIGH |
| Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint. | |||||