CVE-2024-12537

In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request with an excessively high volume of content, the server could become completely...

The vulnerability of the KWHotel software for hotel management lies in the lack of a mechanism to neutralize elements in the CSV file, allowing a hacker to trigger a service failure.

The vulnerability of the KWHotel hotel management software is related to the lack of mechanisms for neutralizing elements in the CSV file. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the module responsible for processing URL addresses of medical image and data management systems, such as Sante PACS Server PG, allows a hacker to trigger a service failure.

The vulnerability of the URL parsing module of the Sante PACS Server PG system is related to insufficient data validation during URL parsing. Exploiting this vulnerability could allow an attacker to cause service interruptions...

The vulnerability in the implementation of the Online Certificate Status Protocol (OCSP) on Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Online Certificate Status Protocol OCSP implementation in Windows operating systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerabilities of Intel PROSet/Wireless WiFi and Intel Killer Wi-Fi network devices, related to lack of access control, allow attackers to trigger service interruptions.

The vulnerability of Intel PROSet/Wireless WiFi and Intel Killer Wi-Fi network devices is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to cause service interruptions...

The vulnerability of the software implementing the transport protocols QUIC and HTTP/3 in CloudFlare Quiche allows attackers to cause service interruptions due to uncontrolled resource consumption.

The vulnerability of the software implementing the transport protocols QUIC and HTTP/3 in CloudFlare Quiche is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the TACACS and RADIUS protocols implemented in Cisco NX-OS operating system routers MDS 9000, Nexus 1000, Nexus 1000V, Nexus 3000, Nexus 5500, Nexus 5600, Nexus 6000, Nexus 7000, Nexus 9000 allows a attacker to cause service interruptions.

The vulnerability of the TACACS and RADIUS protocols for operating systems of Cisco NX-OS routers such as MDS 9000, Nexus 1000, Nexus 1000V, Nexus 3000, Nexus 5500, Nexus 5600, Nexus 6000, Nexus 7000, and Nexus 9000 exists due to insufficient validation of input data. Exploiting this vulnerabilit...

The vulnerability in the implementation of the Control Point and Wireless Access Point Provisioning Protocol (CAPWAP) of the Cisco IOS XE operating system allows a attacker to trigger a service failure.

The vulnerability of the CAPWAP management protocol implementation and wireless access point provisioning in Cisco IOS XE operating systems is related to insufficient validation of CAPWAP packets. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the srxpfe process in the JunOS operating system allows a intruder to trigger a service failure on the Juniper SRX1500 network interface.

The vulnerability of the srxpfe process in the JunOS operating system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...