Page 8 of 38450 results (0.173 seconds)

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

This could lead to remote denial of service due to resource exhaustion with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets. • https://jvn.jp/vu/JVNVU97790713 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-009_en.pdf https://www.cisa.gov/news-events/ics-advisories/icsa-24-324-01 • CWE-1287: Improper Validation of Specified Type of Input •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

Versions of the package @eslint/plugin-kit before 0.2.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. • https://github.com/eslint/rewrite/commit/071be842f0bd58de4863cdf2ab86d60f49912abf https://security.snyk.io/vuln/SNYK-JS-ESLINTPLUGINKIT-8340627 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the filename parameter of the sirv_upload_file_by_chunks() function and lack of in all versions up to, and including, 7.3.0. • https://plugins.trac.wordpress.org/browser/sirv/tags/7.2.8/sirv.php#L4691 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3186406%40sirv&new=3186406%40sirv&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/d6ec09e5-4994-4d23-bf8e-26b64d5303fa?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •

CVSS: 8.4EPSS: 0%CPEs: 148EXPL: 0

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation for specific commands. ... A successful exploit could allow the attacker to create or overwrite arbitrary files on the affected device, which could result in a DoS condition.Cisco has released software updates that address this vulnerability. ... Una vulnerabilidad en la CLI del software Cisco SD-WAN podría permitir que un atacante local autenticado cree o sobrescriba archivos arbitrarios en un dispositivo afectado, lo que podría generar una condición de denegación de servicio (DoS). ... Una explotación exitosa podría permitir que el atacante cree o sobrescriba archivos arbitrarios en el dispositivo afectado, lo que podría generar una condición de denegación de servicio (DoS). • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •