Fallos del tipo CWE-400

2373 resultados

CVE-2018-14648HIGHA flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the do_search() functiEPSS 6.2%CVE-2018-10851MEDIUMPowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, EPSS 6.0%CVE-2022-21698HIGHUncontrolled Resource Consumption in promhttpEPSS 6.0%CVE-2017-12174—It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is createdEPSS 6.0%CVE-2021-37136—The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocatiEPSS 5.7%CVE-2023-36435HIGHMicrosoft QUIC Denial of Service VulnerabilityEPSS 5.5%CVE-2018-14629MEDIUMA denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead toEPSS 5.2%CVE-2026-20139MEDIUMClient-Side Denial of Service (DoS) through ''/splunkd/__raw/services/authentication/users/username'' REST API endpoint in Splunk EnterpriseEPSS 5.1%CVE-2004-1464MEDIUMCisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafEPSS 5.1%KEV CVE-2018-12545—In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETEPSS 5.1%CVE-2019-5739—Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introducEPSS 5.1%CVE-2021-22904—The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token AuthentEPSS 4.8%CVE-2021-3622—A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cEPSS 4.8%CVE-2017-6017—A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR020EPSS 4.8%CVE-2021-3733—There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as webEPSS 4.7%CVE-2022-29145HIGH.NET and Visual Studio Denial of Service VulnerabilityEPSS 4.7%CVE-2023-36799MEDIUM.NET Core and Visual Studio Denial of Service VulnerabilityEPSS 4.7%CVE-2023-1992MEDIUMRPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture fiEPSS 4.6%CVE-2022-29117HIGH.NET and Visual Studio Denial of Service VulnerabilityEPSS 4.6%CVE-2024-34750HIGHApache Tomcat: HTTP/2 excess header handling DoSEPSS 4.6%

← anteriorpágina 5 / 119siguiente →