Page 76 of 39565 results (0.127 seconds)

CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0

15 Oct 2024 — Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle BI Publisher accessible data as well as unauthorized update, insert or delete access to some of Oracle BI Publisher accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle BI Publisher. • https://www.oracle.com/security-alerts/cpuoct2024.html •

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0

15 Oct 2024 — Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. • https://www.oracle.com/security-alerts/cpuoct2024.html •

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0

15 Oct 2024 — Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. • https://www.oracle.com/security-alerts/cpuoct2024.html •

CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0

15 Oct 2024 — Uploading multiple such requests in parallel may be enough to render a service practically unusable, even if reasonable request size limits are enforced by a reverse proxy in front of Starlette. This Denial of service (DoS) vulnerability affects all applications built with Starlette (or FastAPI) accepting form requests. • https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0

15 Oct 2024 — Improper regular expression in Vue's parseHTML function leads to a potential regular expression denial of service vulnerability. • https://www.herodevs.com/vulnerability-directory/cve-2024-9506 • CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 6.8EPSS: 0%CPEs: 37EXPL: 0

15 Oct 2024 — A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). • https://access.redhat.com/errata/RHSA-2024:10289 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

15 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/3213fdcab961026203dd587a4533600c70b3336b •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

15 Oct 2024 — Los dispositivos contienen dos cuentas de usuario codificadas con contraseñas codificadas que permiten a un atacante remoto no autenticado tener control total de los dispositivos afectados. • https://cert.vde.com/en/advisories/VDE-2024-056 • CWE-798: Use of Hard-coded Credentials •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

15 Oct 2024 — An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service(DoS) via a crafted request. • https://gist.github.com/pengwGit/26fd8630392af5d8829c2e220091ac4f • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 1

15 Oct 2024 — Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. • https://github.com/Brinmon/CVE-2024-44337 •