Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dos vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-2653
amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit until it has received the set END_HEADERS flag, resulting in an OOM crash.
1 Article
7.5
CVSSv3
CVE-2021-28994
kopano-ical (formerly zarafa-ical) in Kopano Groupware Core up to and including 8.7.16, 9.x up to and including 9.1.0, 10.x up to and including 10.0.7, and 11.x up to and including 11.0.1 and Zarafa 6.30.x up to and including 7.2.x allows memory exhaustion via long HTTP headers.
Kopano Groupware Core
Zarafa Zarafa
7.5
CVSSv3
CVE-2015-4410
The Moped::BSON::ObjecId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71ad19774609b allows remote malicious users to cause a denial of service (worker resource consumption) or perform a cross-site scripting (XSS) attack via a crafted string.
Moped Project Moped -
Fedoraproject Fedora 22
Fedoraproject Fedora 21
NA
CVE-2006-0956
nuauth in NuFW prior to 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server.
Nufw Nufw Firewall 1.0.20
NA
CVE-2007-1614
Stack-based buffer overflow in the zzip_open_shared_io function in zzip/file.c in ZZIPlib Library prior to 0.13.49 allows user-assisted remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a long filename.
Zziplib Zziplib
7.5
CVSSv3
CVE-2021-20216
A flaw was found in Privoxy in versions prior to 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to system availability.
Privoxy Privoxy
7.5
CVSSv3
CVE-2021-20274
A flaw was found in privoxy prior to 3.0.32. A crash may occur due a NULL-pointer dereference when the socks server misbehaves.
Privoxy Privoxy
NA
CVE-2013-2014
OpenStack Identity (Keystone) prior to 2013.1 allows remote malicious users to cause a denial of service (memory consumption and crash) via multiple long requests.
Openstack Keystone
Fedoraproject Fedora 19
5.3
CVSSv3
CVE-2024-22023
An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a li...
Ivanti Connect Secure 9.1
Ivanti Policy Secure 9.1
Ivanti Policy Secure 9.0
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.4
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.6
1 Article
7.5
CVSSv3
CVE-2024-22052
A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack
Ivanti Connect Secure 9.1
Ivanti Policy Secure 9.1
Ivanti Policy Secure 9.0
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.4
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.6
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »