Fallos del tipo CWE-400

2398 resultados
CVE-2023-26104HIGHAll versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes coEPSS 1.2%CVE-2023-5915A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerabEPSS 1.2%CVE-2017-16030Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headeEPSS 1.2%CVE-2020-8192A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0-rc.4 that allows a malicious user to trigger resource exhaustion (wheEPSS 1.2%CVE-2021-0229MEDIUMJunos OS: Receipt of specific packets could lead to Denial of Service in MQTT ServerEPSS 1.2%CVE-2021-23215An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could EPSS 1.2%CVE-2016-10520jadedown is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.EPSS 1.2%CVE-2015-9239ansi2html is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.EPSS 1.2%CVE-2022-21700MEDIUMMemory leak in micronaut-coreEPSS 1.1%CVE-2017-2680HIGHSpecially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment EPSS 1.1%CVE-2023-26433MEDIUMWhen adding an external mail account, processing of IMAP "capabilities" responses are not limited to plausible sizes. Attacker with access tEPSS 1.1%CVE-2023-26432MEDIUMWhen adding an external mail account, processing of SMTP "capabilities" responses are not limited to plausible sizes. Attacker with access tEPSS 1.1%CVE-2023-26434MEDIUMWhen adding an external mail account, processing of POP3 "capabilities" responses are not limited to plausible sizes. Attacker with access tEPSS 1.1%CVE-2023-39321Panic when processing post-handshake message on QUIC connections in crypto/tlsEPSS 1.1%CVE-2020-8123A denial of service exists in strapi v3.0.0-beta.18.3 and earlier that can be abused in the admin console using admin rights can lead to arbEPSS 1.1%CVE-2023-38200HIGHKeylime: registrar is subject to a dos against ssl connectionsEPSS 1.1%CVE-2021-1266MEDIUMCisco Managed Services Accelerator Denial of Service VulnerabilityEPSS 1.1%CVE-2022-38150MEDIUMIn Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forgEPSS 1.1%CVE-2023-34104HIGHRegex Injection via Doctype EntitiesEPSS 1.1%CVE-2020-5423HIGHCloud Controller is vulnerable to denial of service via YAML parsingEPSS 1.1%