CWE:
 

Nothing found in the WLB2 database


Common Weakness Enumeration (CWE)

CVE
Details
Description
2022-01-06
Low
CVE-2021-44591

Vendor: Libming
Software: Libming
 

 
In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check, which can lead to denial-of-service attacks via a crafted SWF file.

 
Medium
CVE-2021-43045

Vendor: Apache
Software: AVRO
 

 
A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue.

 
2022-01-03
Medium
CVE-2021-37111

Vendor: Huawei
Software: EMUI
 

 
There is a memory leakage vulnerability in Smartphone. Successful exploitation of this vulnerability may cause memory exhaustion.

 
2021-12-16
Medium
CVE-2021-38244

Vendor: Cbioportal project
Software: Cbioportal
 

 
A regular expression denial of service (ReDoS) vulnerability exists in cbioportal 3.6.21 and older via a POST request to /ProteinArraySignificanceTest.json.

 
2021-12-07
Medium
CVE-2021-44686

Vendor: Calibre-ebook
Software: Calibre
 

 
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.

 
2021-11-30
Medium
CVE-2021-31787

 

 
The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and shutdown of a device by flooding the target device with LMP_features_res packets.

 
2021-11-24
High
CVE-2021-28706

Vendor: XEN
Software: XEN
 

 
Guests may exceed their designated memory limit. When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may overflow. It would then only be the overflowed (and hence small) number which gets compared against the established upper bound.

 
2021-11-05
Medium
CVE-2021-39907

Vendor: Gitlab
Software: Gitlab
 

 
A potential DoS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage.

 
Medium
CVE-2021-39912

Vendor: Gitlab
Software: Gitlab
 

 
A potential DoS vulnerability was discovered in GitLab CE/EE starting with version 13.7. Using a malformed TIFF image, it was possible to trigger memory exhaustion.

 
2021-11-04
Medium
CVE-2021-39914

Vendor: Gitlab
Software: Gitlab
 

 
A regular expression denial of service issue in GitLab versions 8.13 to 14.2.5, 14.3.0 to 14.3.3 and 14.4.0 could cause excessive usage of resources when a specially crafted username was used when provisioning a new user.

 

 


Copyright 2022, cxsecurity.com

 
