3459 matches found
CVE-2024-7409
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...
CVE-2024-41655 TF2 Item Format Regular Expression Denial of Service vulnerability
TF2 Item Format helps users format TF2 items to the community standards. Versions of tf2-item-format since at least 4.2.6 and prior to 5.9.14 are vulnerable to a Regular Expression Denial of Service (ReDoS) attack when parsing crafted user input. This vulnerability can be exploited by an attacker t...
EulerOS 2.0 SP8 : python3 (EulerOS-SA-2024-2047)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects serve...
CVE-2024-21176
CVE-2024-21176 affects Oracle MySQL Server (Server: Thread Pooling). Affected: 8.4.0 and earlier. A low-privileged, network-accessible attacker via multiple protocols can cause the server to hang or crash (DoS). Remediation exists via Oracle CPU advisories; product-specific fixes are referenced i...
CVE-2024-21171
CVE-2024-21171 concerns Oracle MySQL Server (component: Server: Optimizer). Affected versions: 8.0.37 and earlier, and 8.4.0 and earlier. The description states the vulnerability is easily exploitable by a low-privilege attacker with network access via multiple protocols and can lead to a hang or...
PT-2024-4997 · Oracle +2 · Mysql Server +1
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 8.0.36 and prior; Oracle MySQL Server versions 8.3.0 and prior. Description: The issue is related to the Server: Optimizer component of Oracle MySQL Server and is caused by incorrect resource cleanup or deallocation...
CVE-2024-21521
CVE-2024-21521 affects the @discordjs/opus package (native bindings to libopus). The vulnerability arises when an input object with a toString property is passed to several functions, potentially causing a system crash (DoS). If exploiting details are provided, they would be consistent with a Den...
Spring Cloud Function Framework vulnerable to Denial of Service
In Spring Cloud Function framework, versions 4.1.x prior to 4.1.2, 4.0.x prior to 4.0.8 an application is vulnerable to a DOS attack when attempting to compose functions with non-existing functions. Specifically, an application is vulnerable when all of the following are true: User is using Sprin...
CVE-2024-22271
A flaw was found in the Spring Cloud Function framework. Affected versions of this package are vulnerable to denial of service (DoS) when attempting to compose functions with nonexisting functions. This flaw allows an attacker to trigger a cache overflow. Mitigation: Mitigation for this issue is...
CVE-2024-22271
In Spring Cloud Function framework, versions 4.1.x prior to 4.1.2, 4.0.x prior to 4.0.8 an application is vulnerable to a DOS attack when attempting to compose functions with non-existing functions. Specifically, an application is vulnerable when all of the following are true: User is using Sprin...
CVE-2024-22271
The CVE-2024-22271 entry describes a denial-of-service vulnerability in Spring Cloud Function Framework when composing functions with non-existing functions. Affected versions are Spring Cloud Function Framework 4.1.0–4.1.2 and 4.0.0–4.0.8, specifically when using the Web module. The root cause i...
CVE-2024-22271 Spring Cloud Function Web DOS Vulnerability
In Spring Cloud Function framework, versions 4.1.x prior to 4.1.2, 4.0.x prior to 4.0.8 an application is vulnerable to a DOS attack when attempting to compose functions with non-existing functions. Specifically, an application is vulnerable when all of the following are true: User is using Sprin...
CVE-2024-31957
A vulnerability was discovered in Samsung Mobile Processors Exynos 2200 and Exynos 2400 where they lack a check for the validation of native handles, which can result in a DoS (Denial of Service) attack by unmapping an invalid length...
CVE-2024-39181
Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a buffer overflow via the ApCliSsid parameter in the generateconfrouter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request...
CVE-2024-39895 Directus GraphQL Field Duplication Denial of Service (DoS)
Directus is a real-time API and App dashboard for managing SQL database content. A denial of service (DoS) attack by field duplication in GraphQL is a type of attack where an attacker exploits the flexibility of GraphQL to overwhelm a server by requesting the same field multiple times in a single...
NULL Pointer Dereference
libzephyr.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to a malicious BLE device sending a specific order of packet sequences to cause a DoS attack on the victim BLE device...
K000140251: Python vulnerabilities CVE-2022-48564 and CVE-2022-48566
Security Advisory Description: CVE-2022-48564: read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. CVE-2022-48566: An issue was discovered in compare_digest in...
CVE-2024-3332
A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device...
CVE-2024-3332 bt: host/smp: DoS caused by null pointer dereference
A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device...