Lucene search
+L

279 matches found

redhatcve
redhatcve
added 2022/05/20 10:52 p.m.27 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS3.3AI score0.0126EPSS
Exploits1References1
debiancve
debiancve
added 2022/02/28 1:26 p.m.43 views

CVE-2022-24685

Removed by vendor...

7.5CVSS7.5AI score0.01524EPSS
Exploits0
nessus
nessus
added 2022/02/07 12:0 a.m.17 views

Mitsubishi Electric MELSEC iQ-R Series Uncontrolled Resource Consumption (CVE-2020-13238)

Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to...

7.8CVSS7.2AI score0.03336EPSS
Exploits0References4
openvas
openvas
added 2022/01/28 12:0 a.m.33 views

Mageia: Security Advisory (MGASA-2018-0459)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.1AI score0.47057EPSS
Exploits1References3
ubuntucve
ubuntucve
added 2022/01/14 8:15 p.m.376 views

CVE-2021-46195

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service DoS by consuming excessive CPU and memory resources...

5.5CVSS6.4AI score0.00779EPSS
Exploits1References2
cvelist
cvelist
added 2022/01/14 7:16 p.m.34 views

CVE-2021-46195

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service DoS by consuming excessive CPU and memory resources...

5.9AI score0.00779EPSS
Exploits1References1
osv
osv
added 2021/12/20 4:55 p.m.32 views

GHSA-WXC4-F4M6-WWQV Excessive Platform Resource Consumption within a Loop in Kubernetes

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML...

6.5CVSS6.4AI score0.0236EPSS
Exploits0References9
prion
prion
added 2021/12/01 8:15 p.m.22 views

Denial of service

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

5CVSS7.2AI score0.0126EPSS
Exploits1References2Affected Software1
alpinelinux
alpinelinux
added 2021/12/01 8:15 p.m.36 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS3.3AI score0.0126EPSS
Exploits1
ubuntucve
ubuntucve
added 2021/12/01 8:15 p.m.24 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS7.1AI score0.0126EPSS
Exploits1References3
nessus
nessus
added 2021/11/11 12:0 a.m.42 views

RHEL 8 : python-pillow (RHSA-2021:4149)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4149 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

9.8CVSS7.1AI score0.04851EPSS
Exploits0References34
huntr
huntr
added 2021/09/19 7:26 p.m.20 views

Inefficient Regular Expression Complexity in nltk/nltk

✍️ Description The nltk package is vulnerable to ReDoS regular expression denial of service. An attacker that is able to provide as an input to the readcomparisonblock function in the file "nltk/corpus/reader/comparativesents.py" may cause an application to consume an excessive amount of CPU. Belo...

5CVSS0.7AI score0.01649EPSS
Exploits1
osv
osv
added 2021/09/10 5:54 p.m.28 views

GHSA-5WJF-62HW-Q78R Excessive CPU usage

Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. Impact This can result in a DoS condition. Patches Pomerium versions 0.14.8 and 0.15.1 contain an upgraded...

7.5CVSS7.3AI score0.01662EPSS
Exploits0References5
huntr
huntr
added 2021/09/01 4:7 p.m.24 views

Inefficient Regular Expression Complexity in vuelidate/vuelidate

✍️ Description A ReDoS regular expression denial of service flaw was found in the @vuelidate/validators package. An attacker that is able to provide crafted input to the urlinput function may cause an application to consume an excessive amount of CPU. 🕵️‍♂️ Proof of Concept Create the following...

5CVSS1.4AI score0.01222EPSS
Exploits1
prion
prion
added 2021/08/09 10:15 p.m.18 views

Design/Logic Flaw

In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessiv...

4.3CVSS7.5AI score0.00942EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/08/09 9:19 p.m.32 views

CVE-2021-38311

In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessiv...

7.7AI score0.00942EPSS
Exploits1References1
prion
prion
added 2021/07/14 4:15 p.m.21 views

Input validation

A ReDoS regular expression denial of service flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmailinput function may cause an application to consume an excessive amount of CPU...

5CVSS7.4AI score0.0099EPSS
Exploits0References2Affected Software1
openvas
openvas
added 2021/06/09 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2012:0772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.9AI score0.05724EPSS
Exploits0References2
veracode
veracode
added 2021/05/29 3:41 p.m.25 views

Regular Expression Denial Of Service (ReDoS)

ws is vulnerable to regular expression denial of service. An attacker is able to cause excessive CPU consumption that can lead to an application crash by submitting a malicious value of Sec-Websocket-Protocol...

5.3CVSS4.2AI score0.02821EPSS
Exploits1References9Affected Software1
mageia
mageia
added 2021/04/12 7:59 p.m.43 views

Updated tor packages fix security vulnerabilities

The dumpdesc function that we used to dump unparseable information to disk, was called incorrectly in several places, in a way that could lead to excessive CPU usage CVE-2021-28089. A bug in appending detached signatures to a pending consensus document could be used to crash a directory authority...

7.5CVSS2AI score0.02096EPSS
Exploits0References2
Rows per page
Query Builder