Lucene search
K

955 matches found

BDU FSTEC
BDU FSTEC
added 2025/04/11 12:0 a.m.6 views

The vulnerability of the Windows operating system’s streaming data transmission service allows a hacker to cause a service failure.

The vulnerability of the Windows operating system’s streaming data transmission service is related to the use of insecure mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.9CVSS7.6AI score0.01076EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/04/10 12:0 a.m.6 views

The vulnerability of the subclasses AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, AMRAudioFileServerMediaSubsessionLive, and OnDemandServerMediaSubsession within the Live555 multimedia streaming library, which allows a malicious actor to trigger a service failure.

The vulnerability of the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, AMRAudioFileServerMediaSubsessionLive, and OnDemandServerMediaSubsession classes within the Live555 streaming multimedia library suite is related to resource management errors. Exploiting this...

7.5CVSS7.2AI score0.01094EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.8 views

The vulnerability of the C/C++ Libstb library, related to reading beyond the allowed buffer data limits, allows a hacker to cause a service failure.

The vulnerability of the C/C++ Libstb library lies in reading data beyond the allowed buffer limits. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using a specially created file...

5.3CVSS6.7AI score0.0056EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.7 views

The vulnerability of the high-performance server system HPE Cray XD670, related to bypassing authentication through spoofing, allows a perpetrator to trigger a service failure.

The vulnerability of the high-performance server system HPE Cray XD670 relates to bypassing authentication through spoofing. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

10CVSS5.5AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.7 views

The vulnerability of the async.c and dict.c components of the client for interacting with the HIREDIS database allows a attacker to cause a service failure.

The vulnerability of the async.c and dict.c components of the client for interacting with the HIREDIS database is related to pointer dereferencing errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.5CVSS7.2AI score0.0277EPSS
Exploits1References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/03/31 12:0 a.m.7 views

The vulnerability of the qi_inst_state_free component in the Virtuoso-OpenSource web application development platform allows a attacker to trigger a service failure.

The vulnerability of the qiinststatefree component in the Virtuoso-OpenSource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially...

7.8CVSS7.3AI score0.00551EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/03/31 12:0 a.m.7 views

The vulnerability of the sqlg_parallel_ts_seq component in the Virtuoso-OpenSource web application development platform allows a attacker to cause a service failure.

The vulnerability of the sqlgparalleltsseq component in the Virtuoso-opensource web application development platform is related to the improper disabling or release of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending specially crafte...

7.8CVSS7.3AI score0.00668EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/03/31 12:0 a.m.9 views

The vulnerability of the sqlg_hash_source component in the Virtuoso-OpenSource web application development platform allows a attacker to trigger a service failure.

The vulnerability of the sqlghashsource component in the Virtuoso-opensource web application development platform is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending...

7.8CVSS7.3AI score0.00807EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/03/31 12:0 a.m.8 views

The vulnerability of the dfe_body_copy component in the Virtuoso-OpenSource web application development platform allows a attacker to trigger a service failure.

The vulnerability of the dfebodycopy component in the Virtuoso-OpenSource web application development platform is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to cause service interruptions...

7.8CVSS7.3AI score0.00703EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.7 views

The vulnerability of the Hash Handler component in the 389-ds-base package allows a hacker to trigger a service failure.

The vulnerability of the Hash Handler component in the 389-ds-base package is related to insufficient password hashing. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

5.7CVSS6.6AI score0.00573EPSS
Exploits0References11Affected Software10
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.11 views

The vulnerabilities of Linux operating system’s x86/hypervisor kernel components, which allow attackers to cause service interruptions.

The vulnerability of the hvmachineshutdown function in Linux kernel-based x86/hyperv components is related to improper initialization. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00206EPSS
Exploits0References11Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.6 views

Vulnerability of RDMA/hns components of Linux operating system cores, allowing attackers to cause service interruptions

The vulnerability of RDMA/hns components of the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00189EPSS
Exploits0References16Affected Software8
BDU FSTEC
BDU FSTEC
added 2025/03/24 12:0 a.m.6 views

The vulnerability of the `tcp_can_coalesce_send_queue_head()` function in the `net/ipv4/tcp_output.c` module of the Linux kernel allows a attacker to cause a service failure.

The vulnerability of the tcpcancoalescesendqueuehead function in the net/ipv4/tcpoutput.c module of the Linux kernel is associated with code errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8CVSS6.8AI score0.00875EPSS
Exploits0References25Affected Software8
BDU FSTEC
BDU FSTEC
added 2025/03/23 12:0 a.m.8 views

The vulnerability of the Cisco AnyConnect VPN server’s microprogramming software in Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateways allows a intruder to trigger a service failure.

The vulnerability of the Cisco AnyConnect VPN server in the microprogramming software for Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateways is related to a reallocation of memory. Exploiting this vulnerability could allow an attacker to cause service interruptions by sending specially...

8.6CVSS5.4AI score0.00505EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2025/03/22 12:20 p.m.15 views

CVE-2024-12537

In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request with an excessively high volume of content, the server could become completely...

7.5CVSS7.2AI score0.00879EPSS
Exploits2References1
NVD
NVD
added 2025/03/20 10:15 a.m.10 views

CVE-2024-12537

In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request with an excessively high volume of content, the server could become completely...

7.5CVSS0.00879EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/03/20 10:9 a.m.11 views

CVE-2024-12537 Unauthenticated Denial of Service in open-webui/open-webui

In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request with an excessively high volume of content, the server could become completely...

7.5CVSS7.6AI score0.00879EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/03/20 10:9 a.m.16 views

CVE-2024-12537 Unauthenticated Denial of Service in open-webui/open-webui

In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request with an excessively high volume of content, the server could become completely...

7.5CVSS0.00879EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.7 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab EE/CE lies in the use of incorrect authentication tokens due to unlimited resource distribution. This allows a hacker to cause service failures.

The vulnerability of the Git-based software platform for collaborative code development in GitLab EE/CE stems from the use of incorrect authentication tokens due to unlimited resource distribution. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

8.7CVSS5.5AI score0.00473EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.11 views

The vulnerability of the Internet Printing Protocol (IPP) implementation in multifunctional HP LaserJet MFP devices allows a perpetrator to cause service interruptions.

The vulnerability of the Internet Printing Protocol IPP implementation in microprogrammed multifunctional devices like HP LaserJet MFP is related to improper handling of unexpected types of data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending...

5.3CVSS5.5AI score0.00425EPSS
Exploits0References2Affected Software12
Rows per page
Query Builder