Export limit exceeded: 335872 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6086 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32013 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 8 more | 2025-01-01 | 5.3 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2023-24862 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2025-01-01 | 5.5 Medium |
| Windows Secure Channel Denial of Service Vulnerability | ||||
| CVE-2023-23411 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-01 | 6.5 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2023-21728 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-01-01 | 7.5 High |
| Windows Netlogon Denial of Service Vulnerability | ||||
| CVE-2023-21557 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-01-01 | 7.5 High |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | ||||
| CVE-2023-21543 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-01-01 | 8.1 High |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | ||||
| CVE-2023-21547 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-01 | 7.5 High |
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | ||||
| CVE-2024-38236 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more | 2024-12-31 | 7.5 High |
| DHCP Server Service Denial of Service Vulnerability | ||||
| CVE-2018-12121 | 2 Nodejs, Redhat | 9 Node.js, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2024-12-27 | 7.5 High |
| Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. | ||||
| CVE-2024-0115 | 2 Canonical, Nvidia | 3 Ubuntu Linux, Cv-cuda, Jetpack Software Development Kit | 2024-12-26 | 6.1 Medium |
| NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. A successful exploit of this vulnerability may lead to denial of service and data loss. | ||||
| CVE-2022-48500 | 1 Huawei | 1 Emui | 2024-12-26 | 7.5 High |
| Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2022-48499 | 1 Huawei | 1 Emui | 2024-12-24 | 7.5 High |
| Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-56200 | 2024-12-20 | 8.6 High | ||
| Altair is a fork of Misskey v12. Affected versions lack of request validation and lack of authentication in the image proxy for compressing and resizing remote files could allow attacks that could affect availability, such as by abnormally increasing the CPU usage of the server on which this software is running or placing a heavy load on the network it is using. This issue has been fixed in v12.24Q4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-49363 | 2024-12-19 | 7.4 High | ||
| Misskey is an open source, federated social media platform. In affected versions FileServerService (media proxy) in github.com/misskey-dev/misskey 2024.10.1 or earlier did not detect proxy loops, which allows remote actors to execute a self-propagating reflected/amplified distributed denial-of-service via a maliciously crafted note. FileServerService.prototype.proxyHandler did not check incoming requests are not coming from another proxy server. An attacker can execute an amplified denial-of-service by sending a nested proxy request to the server and end the request with a malicious redirect back to another nested proxy request. Leading to unbounded recursion until the original request is timed out. This issue has been addressed in version 2024.11.0-alpha.3. Users are advised to upgrade. Users unable to upgrade may configure the reverse proxy to block requests to the proxy with an empty User-Agent header or one containing Misskey/. An attacker can not effectively modify the User-Agent header without making another request to the server. | ||||
| CVE-2024-12656 | 1 Fabulatech | 1 Usb Over Network | 2024-12-19 | 5.5 Medium |
| A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-12655 | 1 Fabulatech | 1 Usb Over Network | 2024-12-19 | 5.5 Medium |
| A vulnerability, which was classified as problematic, has been found in FabulaTech USB over Network 6.0.6.1. Affected by this issue is the function 0x220420 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-12660 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-12-19 | 5.5 Medium |
| A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been declared as problematic. Affected by this vulnerability is the function 0x8001E018 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-12659 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-12-19 | 5.5 Medium |
| A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been classified as problematic. Affected is the function 0x8001E004 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-12658 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-12-19 | 5.5 Medium |
| A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This issue affects the function 0x8001E01C in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-12657 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-12-19 | 5.5 Medium |
| A vulnerability has been found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This vulnerability affects the function 0x8001E000 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||