CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2022(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-46405 DoS 2022-12-04 2022-12-04
0.0
None ??? ??? ??? ??? ??? ???
Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue) by creating bot accounts that follow attacker-controlled accounts on certain other servers associated with a wildcard DNS A record, such that there is uncontrolled recursion of attacker-generated messages.
2 CVE-2022-45869 362 DoS Mem. Corr. 2022-11-30 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.
3 CVE-2022-45640 DoS Overflow 2022-12-01 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes a denial of service (local).
4 CVE-2022-45199 400 DoS 2022-11-14 2022-11-22
0.0
None ??? ??? ??? ??? ??? ???
Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.
5 CVE-2022-45196 400 DoS 2022-11-12 2022-11-17
0.0
None ??? ??? ??? ??? ??? ???
Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist.
6 CVE-2022-45061 400 DoS 2022-11-09 2022-11-30
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.
7 CVE-2022-44793 476 DoS 2022-11-07 2022-11-08
0.0
None ??? ??? ??? ??? ??? ???
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
8 CVE-2022-44792 476 DoS 2022-11-07 2022-11-08
0.0
None ??? ??? ??? ??? ??? ???
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
9 CVE-2022-44641 776 DoS 2022-11-18 2022-11-22
0.0
None ??? ??? ??? ??? ??? ???
In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service.
10 CVE-2022-44311 125 DoS 2022-11-08 2022-11-09
0.0
None ??? ??? ??? ??? ??? ???
html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file.
11 CVE-2022-43766 DoS 2022-10-26 2022-10-28
0.0
None ??? ??? ??? ??? ??? ???
Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3 which addresses this issue or use a later version of Java to avoid it.
12 CVE-2022-43686 400 DoS 2022-11-14 2022-11-17
0.0
None ??? ??? ??? ??? ??? ???
In Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2, the authTypeConcreteCookieMap table can be filled up causing a denial of service (high load).
13 CVE-2022-43590 476 DoS 2022-11-28 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
A null pointer dereference vulnerability exists in the handle_ioctl_0x830a0_systembuffer functionality of Callback technologies CBFS Filter 20.0.8317. A specially-crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability.
14 CVE-2022-43589 476 DoS 2022-11-28 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
A null pointer dereference vulnerability exists in the handle_ioctl_8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially-crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability.
15 CVE-2022-43588 476 DoS 2022-11-28 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
A null pointer dereference vulnerability exists in the handle_ioctl_83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially-crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability.
16 CVE-2022-43564 400 DoS 2022-11-04 2022-11-08
0.0
None ??? ??? ??? ??? ??? ???
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user who can create search macros and schedule search reports can cause a denial of service through the use of specially crafted search macros.
17 CVE-2022-43365 120 DoS Overflow 2022-10-27 2022-10-31
0.0
None ??? ??? ??? ??? ??? ???
IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
18 CVE-2022-43253 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
19 CVE-2022-43252 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
20 CVE-2022-43250 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
21 CVE-2022-43249 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
22 CVE-2022-43248 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
23 CVE-2022-43245 DoS 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal<unsigned short> in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
24 CVE-2022-43244 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
25 CVE-2022-43243 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
26 CVE-2022-43242 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma<unsigned char> in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
27 CVE-2022-43241 787 DoS 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
28 CVE-2022-43240 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
29 CVE-2022-43239 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_chroma<unsigned short> in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
30 CVE-2022-43238 DoS 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
31 CVE-2022-43237 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
32 CVE-2022-43236 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
33 CVE-2022-43235 787 DoS Overflow 2022-11-02 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.
34 CVE-2022-43223 401 DoS 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
open5gs v2.4.11 was discovered to contain a memory leak in the component ngap-handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted UE attachment.
35 CVE-2022-43222 401 DoS 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet.
36 CVE-2022-43221 401 DoS 2022-11-01 2022-11-02
0.0
None ??? ??? ??? ??? ??? ???
open5gs v2.4.11 was discovered to contain a memory leak in the component src/upf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet.
37 CVE-2022-43171 787 DoS Overflow 2022-11-17 2022-11-21
0.0
None ??? ??? ??? ??? ??? ???
A heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind function of LIEF v0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted MachO file.
38 CVE-2022-43071 787 DoS Overflow 2022-11-15 2022-11-22
0.0
None ??? ??? ??? ??? ??? ???
A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
39 CVE-2022-43035 787 DoS Overflow 2022-10-19 2022-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac.
40 CVE-2022-43033 416 DoS 2022-10-19 2022-10-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input.
41 CVE-2022-42969 DoS 2022-10-16 2022-10-18
0.0
None ??? ??? ??? ??? ??? ???
The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled.
42 CVE-2022-42966 DoS 2022-11-09 2022-11-10
0.0
None ??? ??? ??? ??? ??? ???
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows method
43 CVE-2022-42965 DoS 2022-11-09 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method
44 CVE-2022-42964 DoS 2022-11-09 2022-11-10
0.0
None ??? ??? ??? ??? ??? ???
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method
45 CVE-2022-42319 401 DoS 2022-11-01 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the request from the ring page. Thus a guest not reading the response can cause xenstored to not free the temporary memory. This can result in memory shortages causing Denial of Service (DoS) of xenstored.
46 CVE-2022-42318 770 DoS 2022-11-01 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
47 CVE-2022-42317 770 DoS 2022-11-01 2022-12-03
0.0
None ??? ??? ??? ??? ??? ???
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
48 CVE-2022-42316 770 DoS 2022-11-01 2022-11-24
0.0
None ??? ??? ??? ??? ??? ???
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
49 CVE-2022-42315 770 DoS 2022-11-01 2022-11-24
0.0
None ??? ??? ??? ??? ??? ???
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
50 CVE-2022-42314 770 DoS 2022-11-01 2022-11-24
0.0
None ??? ??? ??? ??? ??? ???
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction
Total number of vulnerabilities : 1868   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.