Page 38 of 38455 results (0.341 seconds)

CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0

All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. • https://github.com/aimeos/ai-admin-graphql/security/advisories/GHSA-qxgx-hvg3-v92w • CWE-270: Privilege Context Switching Error •

CVSS: 6.9EPSS: 0%CPEs: -EXPL: 0

VIMESA VHF/FM Transmitter Blue Plus is suffering from a Denial-of-Service (DoS) vulnerability. An unauthenticated attacker can issue an unauthorized HTTP GET request to the unprotected endpoint 'doreboot' and restart the transmitter operations. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-298-01 • CWE-284: Improper Access Control •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

A denial of service could occur via importing a malicious crafted XML manifest file. • https://gitlab.com/gitlab-org/gitlab/-/issues/472928 https://hackerone.com/reports/2571364 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0

A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. ... A successful exploit could allow the attacker to exhaust available SSH resources on the affected device so that new SSH connections to the device are denied, resulting in a DoS condition. Existing SSH connections to the device would continue to function normally. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-dos-eEDWu5RM • CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.6EPSS: 0%CPEs: 175EXPL: 0

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of client key data after the TLS session is established. ... A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT • CWE-20: Improper Input Validation •