CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2021(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-45700 400 DoS 2021-12-27 2022-01-06
7.8
None Remote Low Not required None None Complete
An issue was discovered in the ckb crate before 0.40.0 for Rust. Attackers can cause a denial of service (Nervos CKB blockchain node crash) via a dead call that is used as a DepGroup.
2 CVE-2021-45519 DoS 2021-12-26 2022-01-03
6.1
None Local Network Low Not required None None Complete
NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.
3 CVE-2021-45518 DoS 2021-12-26 2022-01-03
6.1
None Local Network Low Not required None None Complete
NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.
4 CVE-2021-45517 DoS 2021-12-26 2022-01-03
6.1
None Local Network Low Not required None None Complete
NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.
5 CVE-2021-45516 DoS 2021-12-26 2022-01-05
2.7
None Local Network Low ??? None None Partial
Certain NETGEAR devices are affected by denial of service. This affects R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R8000 before 1.0.4.74, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
6 CVE-2021-45515 DoS 2021-12-26 2022-01-05
3.3
None Local Network Low Not required None None Partial
Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, RBRE960 before 6.0.3.68, RBSE960 before 6.0.3.68, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
7 CVE-2021-45470 DoS 2021-12-23 2021-12-29
5.0
None Remote Low Not required None None Partial
lib/DatabaseLayer.py in cve-search before 4.1.0 allows regular expression injection, which can lead to ReDoS (regular expression denial of service) or other impacts.
8 CVE-2021-45293 119 DoS Overflow 2021-12-21 2022-02-05
4.3
None Remote Medium Not required None None Partial
A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet.
9 CVE-2021-45292 476 DoS 2021-12-21 2021-12-30
4.3
None Remote Medium Not required None None Partial
The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
10 CVE-2021-45291 416 DoS 2021-12-21 2021-12-30
4.3
None Remote Medium Not required None None Partial
The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
11 CVE-2021-45290 617 DoS 2021-12-21 2022-02-05
5.0
None Remote Low Not required None None Partial
A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.
12 CVE-2021-45289 DoS 2021-12-21 2021-12-30
4.3
None Remote Medium Not required None None Partial
A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL.
13 CVE-2021-45261 763 DoS 2021-12-22 2021-12-28
4.3
None Remote Medium Not required None None Partial
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
14 CVE-2021-45105 20 DoS 2021-12-18 2022-04-20
4.3
None Remote Medium Not required None None Partial
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.
15 CVE-2021-45078 787 DoS Overflow 2021-12-15 2022-03-29
6.8
None Remote Medium Not required Partial Partial Partial
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.
16 CVE-2021-45042 DoS 2021-12-17 2021-12-30
6.8
None Remote Low ??? None None Complete
In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, clusters using the Integrated Storage backend allowed an authenticated user (with write permissions to a kv secrets engine) to cause a panic and denial of service of the storage backend. The earliest affected version is 1.4.0.
17 CVE-2021-44924 835 DoS 2021-12-21 2021-12-27
4.3
None Remote Medium Not required None None Partial
An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service.
18 CVE-2021-44686 400 DoS 2021-12-07 2022-05-03
5.0
None Remote Low Not required None None Partial
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.
19 CVE-2021-44429 120 DoS 2021-11-29 2021-11-30
5.0
None Remote Low Not required None None Partial
Serva 4.4.0 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1, a related issue to CVE-2013-0145.
20 CVE-2021-44428 120 DoS 2021-11-29 2021-11-30
5.0
None Remote Low Not required None None Partial
Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1.
21 CVE-2021-44199 427 DoS 2021-11-29 2021-11-30
1.9
None Local Medium Not required None None Partial
DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612
22 CVE-2021-43976 DoS 2021-11-17 2022-04-06
2.1
None Local Low Not required None None Partial
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
23 CVE-2021-43854 400 DoS 2021-12-23 2022-01-04
5.0
None Remote Low Not required None None Partial
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability is present in PunktSentenceTokenizer, sent_tokenize and word_tokenize. Any users of this class, or these two functions, are vulnerable to the ReDoS attack. In short, a specifically crafted long input to any of these vulnerable functions will cause them to take a significant amount of execution time. If your program relies on any of the vulnerable functions for tokenizing unpredictable user input, then we would strongly recommend upgrading to a version of NLTK without the vulnerability. For users unable to upgrade the execution time can be bounded by limiting the maximum length of an input to any of the vulnerable functions. Our recommendation is to implement such a limit.
24 CVE-2021-43843 400 DoS 2021-12-20 2022-01-03
5.0
None Remote Low Not required None None Partial
jsx-slack is a package for building JSON objects for Slack block kit surfaces from JSX. The maintainers found the patch for CVE-2021-43838 in jsx-slack v4.5.1 is insufficient tfor protection from a Regular Expression Denial of Service (ReDoS) attack. If an attacker can put a lot of JSX elements into `<blockquote>` tag _with including multibyte characters_, an internal regular expression for escaping characters may consume an excessive amount of computing resources. v4.5.1 passes the test against ASCII characters but misses the case of multibyte characters. jsx-slack v4.5.2 has updated regular expressions for escaping blockquote characters to prevent catastrophic backtracking. It is also including an updated test case to confirm rendering multiple tags in `<blockquote>` with multibyte characters.
25 CVE-2021-43805 1333 DoS 2021-12-07 2021-12-08
5.0
None Remote Low Not required None None Partial
Solidus is a free, open-source ecommerce platform built on Rails. Versions of Solidus prior to 3.1.4, 3.0.4, and 2.11.13 have a denial of service vulnerability that could be exploited during a guest checkout. The regular expression used to validate a guest order's email was subject to exponential backtracking through a fragment like `a.a.` Versions 3.1.4, 3.0.4, and 2.11.13 have been patched to use a different regular expression. The maintainers added a check for email addresses that are no longer valid that will print information about any affected orders that exist. If a prompt upgrade is not an option, a workaround is available. It is possible to edit the file `config/application.rb` manually (with code provided by the maintainers in the GitHub Security Advisory) to check email validity.
26 CVE-2021-43801 754 DoS 2021-12-13 2021-12-15
5.0
None Remote Low Not required None None Partial
Mercurius is a GraphQL adapter for Fastify. Any users from [email protected] to 8.11.1 are subjected to a denial of service attack by sending a malformed JSON to `/graphql` unless they are using a custom error handler. The vulnerability has been fixed in https://github.com/mercurius-js/mercurius/pull/678 and shipped as v8.11.2. As a workaround users may use a custom error handler.
27 CVE-2021-43668 476 DoS 2021-11-18 2021-11-23
2.1
None Local Low Not required None None Partial
Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal.
28 CVE-2021-43638 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amazon Amazon WorkSpaces agent is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
29 CVE-2021-43637 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
30 CVE-2021-43519 674 DoS Overflow 2021-11-09 2022-05-03
4.3
None Remote Medium Not required None None Partial
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.
31 CVE-2021-43518 120 DoS Exec Code Overflow 2021-12-15 2021-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution.
32 CVE-2021-43471 521 DoS 2021-12-06 2021-12-07
7.8
None Remote Low Not required None None Complete
In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability.
33 CVE-2021-43246 400 DoS 2021-12-15 2022-05-23
4.9
None Local Low Not required None None Complete
Windows Hyper-V Denial of Service Vulnerability
34 CVE-2021-43228 400 DoS 2021-12-15 2022-05-23
7.8
None Remote Low Not required None None Complete
SymCrypt Denial of Service Vulnerability
35 CVE-2021-43219 400 DoS 2021-12-15 2022-05-23
7.8
None Remote Low Not required None None Complete
DirectX Graphics Kernel File Denial of Service Vulnerability
36 CVE-2021-43204 DoS 2021-12-09 2021-12-10
4.9
None Local Low Not required None None Complete
A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 and 6.4.0, version 6.2.9 and below, version 6.0.10 and below allows attacker to cause a complete denial of service of its components via changes of directory access permissions.
37 CVE-2021-43017 379 DoS 2021-11-18 2022-02-02
3.5
None Remote Medium ??? None None Partial
Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. User interaction is required before product installation to abuse this vulnerability.
38 CVE-2021-43006 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
AmZetta Amzetta zPortal DVM Tools is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools <= v3.3.148.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
39 CVE-2021-43003 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amzetta zPortal Windows zClient is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient <= v3.2.8180.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
40 CVE-2021-43002 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amzetta zPortal DVM Tools is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools <= v3.3.148.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
41 CVE-2021-43000 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Amzetta zPortal Windows zClient is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient <= v3.2.8180.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
42 CVE-2021-42996 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
Donglify is affected by Integer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
43 CVE-2021-42994 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
Donglify is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
44 CVE-2021-42993 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-09
7.2
None Local Low Not required Complete Complete Complete
FlexiHub For Windows is affected by Integer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below 5.3.14268 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
45 CVE-2021-42990 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
FlexiHub For Windows is affected by Buffer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below 5.3.14268 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
46 CVE-2021-42988 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
Eltima USB Network Gate is affected by Buffer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
47 CVE-2021-42987 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
Eltima USB Network Gate is affected by Integer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
48 CVE-2021-42986 190 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Enterprise Client is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
49 CVE-2021-42983 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Enterprise Client is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
50 CVE-2021-42980 120 DoS Exec Code Overflow Mem. Corr. 2021-12-07 2021-12-08
7.2
None Local Low Not required Complete Complete Complete
NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Total number of vulnerabilities : 1839   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.