Total
2847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-34055 | 2 Redhat, Vmware | 2 Jboss Fuse, Spring Boot | 2024-08-02 | 5.3 Medium |
| In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC or Spring WebFlux * org.springframework.boot:spring-boot-actuator is on the classpath | ||||
| CVE-2023-33957 | 1 Notaryproject | 1 Notation-go | 2024-08-02 | 2.6 Low |
| notation is a CLI tool to sign and verify OCI artifacts and container images. An attacker who has compromised a registry and added a high number of signatures to an artifact can cause denial of service of services on the machine, if a user runs notation inspect command on the same machine. The problem has been fixed in the release v1.0.0-rc.6. Users should upgrade their notation packages to v1.0.0-rc.6 or above. Users are advised to upgrade. Users unable to upgrade may restrict container registries to a set of secure and trusted container registries. | ||||
| CVE-2023-33980 | 1 Briarproject | 1 Briar | 2024-08-02 | 7.5 High |
| Bramble Synchronisation Protocol (BSP) in Briar before 1.4.22 allows attackers to cause a denial of service (repeated application crashes) via a series of long messages to a contact. | ||||
| CVE-2023-33958 | 1 Notaryproject | 1 Notation-go | 2024-08-02 | 5.4 Medium |
| notation is a CLI tool to sign and verify OCI artifacts and container images. An attacker who has compromised a registry and added a high number of signatures to an artifact can cause denial of service of services on the machine, if a user runs notation verify command on the same machine. The problem has been fixed in the release v1.0.0-rc.6. Users should upgrade their notation packages to v1.0.0-rc.6 or above. Users unable to upgrade may restrict container registries to a set of secure and trusted container registries. | ||||
| CVE-2023-33720 | 1 Mp4v2 Project | 1 Mp4v2 | 2024-08-02 | 6.5 Medium |
| mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty. | ||||
| CVE-2023-33297 | 1 Bitcoin | 1 Bitcoin Core | 2024-08-02 | 7.5 High |
| Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023. | ||||
| CVE-2023-33285 | 2 Qt, Redhat | 2 Qt, Enterprise Linux | 2024-08-02 | 5.3 Medium |
| An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server. | ||||
| CVE-2023-33204 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-08-02 | 7.8 High |
| sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. | ||||
| CVE-2023-33141 | 1 Microsoft | 1 Yet Another Reverse Proxy | 2024-08-02 | 7.5 High |
| Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability | ||||
| CVE-2023-33026 | 1 Qualcomm | 399 Ar8035, Ar8035 Firmware, Ar9380 and 396 more | 2024-08-02 | 7.5 High |
| Transient DOS in WLAN Firmware while parsing a NAN management frame. | ||||
| CVE-2023-32787 | 2 Opcfoundation, Prosysopc | 4 Ua Java Legacy, Ua Historian, Ua Modbus Server and 1 more | 2024-08-02 | 7.5 High |
| The OPC UA Legacy Java Stack before 6f176f2 enables an attacker to block OPC UA server applications via uncontrolled resource consumption so that they can no longer serve client applications. | ||||
| CVE-2023-32665 | 2 Gnome, Redhat | 2 Glib, Enterprise Linux | 2024-08-02 | 5.5 Medium |
| A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service. | ||||
| CVE-2023-32636 | 2 Gnome, Redhat | 2 Glib, Enterprise Linux | 2024-08-02 | 4.7 Medium |
| A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499. | ||||
| CVE-2023-32611 | 2 Gnome, Redhat | 2 Glib, Enterprise Linux | 2024-08-02 | 5.5 Medium |
| A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service. | ||||
| CVE-2023-32341 | 1 Ibm | 1 Sterling B2b Integrator | 2024-08-02 | 6.5 Medium |
| IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 255827. | ||||
| CVE-2023-32229 | 1 Bosch | 17 Autodome 7000i, Autodome 7100 Ir, Autodome Inteox 7000i and 14 more | 2024-08-02 | 4.9 Medium |
| Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256. | ||||
| CVE-2023-32214 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2024-08-02 | 7.5 High |
| Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service. *Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. | ||||
| CVE-2023-32211 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2024-08-02 | 6.5 Medium |
| A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. | ||||
| CVE-2023-32114 | 1 Sap | 1 Netweaver | 2024-08-02 | 2.7 Low |
| SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application. | ||||
| CVE-2023-32013 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 8 more | 2024-08-02 | 5.3 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||