Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dos vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-2758
Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately.
1 Article
7.5
CVSSv3
CVE-2021-28994
kopano-ical (formerly zarafa-ical) in Kopano Groupware Core up to and including 8.7.16, 9.x up to and including 9.1.0, 10.x up to and including 10.0.7, and 11.x up to and including 11.0.1 and Zarafa 6.30.x up to and including 7.2.x allows memory exhaustion via long HTTP headers.
Kopano Groupware Core
Zarafa Zarafa
7.5
CVSSv3
CVE-2015-4410
The Moped::BSON::ObjecId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71ad19774609b allows remote malicious users to cause a denial of service (worker resource consumption) or perform a cross-site scripting (XSS) attack via a crafted string.
Moped Project Moped -
Fedoraproject Fedora 21
Fedoraproject Fedora 22
7.5
CVSSv3
CVE-2021-20216
A flaw was found in Privoxy in versions prior to 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to system availability.
Privoxy Privoxy
NA
CVE-2004-0466
WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote malicious users to cause a denial of service (hang) via a URL containing an MS-DOS device name such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1.
Openconnect Webconnect 6.5
Openconnect Webconnect 6.4.4
5.3
CVSSv3
CVE-2024-22023
An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a li...
Ivanti Connect Secure 9.1
Ivanti Policy Secure 9.1
Ivanti Policy Secure 9.0
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.4
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.6
1 Article
7.5
CVSSv3
CVE-2024-22052
A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack
Ivanti Connect Secure 9.1
Ivanti Policy Secure 9.1
Ivanti Policy Secure 9.0
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.4
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.6
1 Article
8.2
CVSSv3
CVE-2024-22053
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read conte...
Ivanti Connect Secure 9.1
Ivanti Policy Secure 9.1
Ivanti Policy Secure 9.0
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.4
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.6
1 Article
7.5
CVSSv3
CVE-2021-20217
A flaw was found in Privoxy in versions prior to 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability.
Privoxy Privoxy
7.5
CVSSv3
CVE-2021-20272
A flaw was found in privoxy prior to 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.
Privoxy Privoxy
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »