CVE-2021-39204

Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versio...

CVE-2025-24312 BIG-IP AFM vulnerability

When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are...

K000141380: BIG-IP AFM vulnerability CVE-2025-24312

Security Advisory Description When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. CVE-2025-24312 Impact System performance can...

CVE-2024-20314

A vulnerability in the IPv4 Software-Defined Access SD-Access fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service DoS condition on an affected device. This...

CVE-2024-20303

A vulnerability in the multicast DNS mDNS gateway feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. This vulnerability is due to improper management of mDNS client entries. An attacker...

F5 Networks BIG-IP : BIG-IP AFM vulnerability (K000141380)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso / Hotfix-BIGIP-16.1.5.2.0.7.5-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000141380 advisory. When BIG-IP AFM is provisioned with IP...

F5 Networks BIG-IP : TMM vulnerability (K000134888)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso / Hotfix-BIGIP-16.1.5.2.0.7.5-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000134888 advisory. When Client SSL or Server SSL profiles...

Cisco IOS XE Software SD Access Fabric Edge Node DoS (cisco-sa-ios-xe-sda-edge-dos-MBcbG9k)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access SD- Access fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilizati...

Cisco NX-OS Uncontrolled Resource Consumption (CVE-2018-0090)

A vulnerability in management interface access control list ACL configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. This could allow traffic to be forwarded to the NX-OS CPU for processing, leading to...

CVE-2024-45797

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5....

CVE-2024-39547 Junos OS and Junos OS Evolved: cRPD: Receipt of crafted TCP traffic can trigger high CPU utilization

An Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks Junos OS and Junos OS Evolved within cRPD allows an unauthenticated network-based attacker sending crafted TCP traffic to the routing engine RE to cause a CPU-based Denial of Service DoS. If special...

CVE-2024-39547 Junos OS and Junos OS Evolved: cRPD: Receipt of crafted TCP traffic can trigger high CPU utilization

An Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks Junos OS and Junos OS Evolved within cRPD allows an unauthenticated network-based attacker sending crafted TCP traffic to the routing engine RE to cause a CPU-based Denial of Service DoS. If special...

CVE-2024-20480

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access SD-Access fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service DoS condition that requires a manual...

CVE-2024-20480

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access SD-Access fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service DoS condition that requires a manual...

CVE-2024-20480

Cisco IOS XE Software SD-Access fabric edge nodes are affected by a Denial of Service vulnerability in the DHCP Snooping feature. The issue stems from improper handling of IPv4 DHCP packets, which could let an unauthenticated, remote attacker cause high CPU utilization and traffic processing halt...

Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access SD-Access fabric edge nodes could allow an unauthenticated, remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service DoS condition that requires a manual...

aldryn-django (=4.2.10.0), am-report (=0.1.5) +81 more potentially affected by CVE-2024-41990 via django (>=4.2.0 <=4.2.14)

django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-41990 Source advisory: OSV:PYSEC-2024-68...

aldryn-django (=4.2.10.0), am-report (=0.1.5) +81 more potentially affected by CVE-2024-38875 via django (>=4.2.0 <=4.2.13)

django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-38875 Source advisory: OSV:PYSEC-2024-56...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-058)

The version of kernel installed on the remote host is prior to 5.10.29-27.126. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-058 advisory. 2024-06-06: CVE-2021-28951 was added to this advisory. An issue was discovered in fs/iouring.c in the Linu...

ROS-20240423-06

Envoy proxy vulnerability is due to the fact that regular expressions are compiled for each request and can lead to high CPU utilization and increased request latency. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. The Envoy proxy...