| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms |
| Uncontrolled resource consumption vulnerability in SE-elektronic GmbH E-DDC3.3 affecting versions 03.07.03 and higher. An attacker could interrupt the availability of the administration panel by sending multiple ICMP packets. |
| Directus is a real-time API and App dashboard for managing SQL database content. A denial of service (DoS) attack by field duplication in GraphQL is a type of attack where an attacker exploits the flexibility of GraphQL to overwhelm a server by requesting the same field multiple times in a single query. This can cause the server to perform redundant computations and consume excessive resources, leading to a denial of service for legitimate users. Request to the endpoint /graphql are sent when visualizing graphs generated at a dashboard. By modifying the data sent and duplicating many times the fields a DoS attack is possible. This vulnerability is fixed in 10.12.0. |
| An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. |
| Werkzeug is a Web Server Gateway Interface web application library. Applications using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug prior to 3.0.6 to parse `multipart/form-data` requests (e.g. all flask applications) are vulnerable to a relatively simple but effective resource exhaustion (denial of service) attack. A specifically crafted form submission request can cause the parser to allocate and block 3 to 8 times the upload size in main memory. There is no upper limit; a single upload at 1 Gbit/s can exhaust 32 GB of RAM in less than 60 seconds. Werkzeug version 3.0.6 fixes this issue. |
| .NET Framework Denial of Service Vulnerability |
| .NET Core and Visual Studio Denial of Service Vulnerability |
| HTTP.sys Denial of Service Vulnerability |
| Windows CryptoAPI Denial of Service Vulnerability |
| Windows Authentication Denial of Service Vulnerability |
| Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability |
| Windows Hyper-V Denial of Service Vulnerability |
| Windows Secure Channel Denial of Service Vulnerability |
| Windows Hyper-V Denial of Service Vulnerability |
| Windows Netlogon Denial of Service Vulnerability |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability |
| DHCP Server Service Denial of Service Vulnerability |
| Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. |
