Total
945 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41800 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2024-08-04 | 5.3 Medium |
| MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled. | ||||
| CVE-2021-41799 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2024-08-04 | 7.5 High |
| MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan. | ||||
| CVE-2021-41591 | 1 Acinq | 1 Eclair | 2024-08-04 | 9.4 Critical |
| ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure. | ||||
| CVE-2021-41593 | 1 Lightning Network Daemon Project | 1 Lightning Network Daemon | 2024-08-04 | 8.6 High |
| Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure. | ||||
| CVE-2021-41592 | 1 Elementsproject | 1 C-lightning | 2024-08-04 | 9.4 Critical |
| Blockstream c-lightning through 0.10.1 allows loss of funds because of dust HTLC exposure. | ||||
| CVE-2021-41546 | 1 Siemens | 20 Ruggedcom Rox Mx5000, Ruggedcom Rox Mx5000 Firmware, Ruggedcom Rox Rx1400 and 17 more | 2024-08-04 | 7.5 High |
| A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1), RUGGEDCOM ROX RX1511 (All versions < V2.14.1), RUGGEDCOM ROX RX1512 (All versions < V2.14.1), RUGGEDCOM ROX RX1524 (All versions < V2.14.1), RUGGEDCOM ROX RX1536 (All versions < V2.14.1), RUGGEDCOM ROX RX5000 (All versions < V2.14.1). Affected devices write crashdumps without checking if enough space is available on the filesystem. Once the crashdump fills the entire root filesystem, affected devices fail to boot successfully. An attacker can leverage this vulnerability to cause a permanent Denial-of-Service. | ||||
| CVE-2021-41167 | 1 Modern-async Project | 1 Modern-async | 2024-08-04 | 7.5 High |
| modern-async is an open source JavaScript tooling library for asynchronous operations using async/await and promises. In affected versions a bug affecting two of the functions in this library: forEachSeries and forEachLimit. They should limit the concurrency of some actions but, in practice, they don't. Any code calling these functions will be written thinking they would limit the concurrency but they won't. This could lead to potential security issues in other projects. The problem has been patched in 1.0.4. There is no workaround. | ||||
| CVE-2021-40941 | 1 Axiosys | 1 Bento4 | 2024-08-04 | 7.5 High |
| In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS). | ||||
| CVE-2021-40797 | 2 Openstack, Redhat | 2 Neutron, Openstack | 2024-08-04 | 6.5 Medium |
| An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service. | ||||
| CVE-2021-40607 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | ||||
| CVE-2021-40609 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | ||||
| CVE-2021-39907 | 1 Gitlab | 1 Gitlab | 2024-08-04 | 5.3 Medium |
| A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage. | ||||
| CVE-2021-39912 | 1 Gitlab | 1 Gitlab | 2024-08-04 | 5.3 Medium |
| A potential DoS vulnerability was discovered in GitLab CE/EE starting with version 13.7. Using a malformed TIFF images was possible to trigger memory exhaustion. | ||||
| CVE-2021-39670 | 1 Google | 1 Android | 2024-08-04 | 5.5 Medium |
| In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-204087139 | ||||
| CVE-2021-39480 | 1 Bingrep Project | 1 Bingrep | 2024-08-04 | 7.5 High |
| Bingrep v0.8.5 was discovered to contain a memory allocation failure which can cause a Denial of Service (DoS). | ||||
| CVE-2021-39293 | 3 Golang, Netapp, Redhat | 7 Go, Cloud Insights Telegraf, Advanced Cluster Security and 4 more | 2024-08-04 | 7.5 High |
| In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196. | ||||
| CVE-2021-38244 | 1 Cbioportal Project | 1 Cbioportal | 2024-08-04 | 7.5 High |
| A regular expression denial of service (ReDoS) vulnerability exits in cbioportal 3.6.21 and older via a POST request to /ProteinArraySignificanceTest.json. | ||||
| CVE-2021-37629 | 1 Nextcloud | 1 Richdocuments | 2024-08-04 | 5.3 Medium |
| Nextcloud Richdocuments is an open source collaborative office suite. In affected versions there is a lack of rate limiting on the Richdocuments OCS endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. It is recommended that the Nextcloud Richdocuments app is upgraded to either 3.8.4 or 4.2.1 to resolve. For users unable to upgrade it is recommended that the Richdocuments application be disabled. | ||||
| CVE-2021-37111 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-08-04 | 7.5 High |
| There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion. | ||||
| CVE-2021-36798 | 1 Helpsystems | 1 Cobalt Strike | 2024-08-04 | 7.5 High |
| A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it. | ||||