Total
2719 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-20616 | 2025-05-16 | N/A | 5.5 MEDIUM | ||
| Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiberâ„¢ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2025-20084 | 2025-05-16 | N/A | 3.5 LOW | ||
| Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiberâ„¢ Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2024-20977 | 2 Netapp, Oracle | 2 Oncommand Insight, Mysql | 2025-05-15 | N/A | 6.5 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2022-38687 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-15 | N/A | 5.5 MEDIUM |
| In messaging service, there is a missing permission check. This could lead to local denial of service in messaging service with no additional execution privileges needed. | |||||
| CVE-2022-38679 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-15 | N/A | 5.5 MEDIUM |
| In music service, there is a missing permission check. This could lead to local denial of service in music service with no additional execution privileges needed. | |||||
| CVE-2022-38677 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-15 | N/A | 5.5 MEDIUM |
| In cell service, there is a missing permission check. This could lead to local denial of service in cell service with no additional execution privileges needed. | |||||
| CVE-2022-39128 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39127 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39126 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39125 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39124 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-39123 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-2455 | 1 Gitlab | 1 Gitlab | 2025-05-13 | N/A | 6.5 MEDIUM |
| A business logic issue in the handling of large repositories in all versions of GitLab CE/EE from 10.0 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2 allowed an authenticated and authorized user to exhaust server resources by importing a malicious project. | |||||
| CVE-2022-2931 | 1 Gitlab | 1 Gitlab | 2025-05-13 | N/A | 7.5 HIGH |
| A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. Malformed content added to the issue description could have been used to trigger high CPU usage. | |||||
| CVE-2022-3283 | 1 Gitlab | 1 Gitlab | 2025-05-13 | N/A | 7.5 HIGH |
| A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions before before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 While cloning an issue with special crafted content added to the description could have been used to trigger high CPU usage. | |||||
| CVE-2025-30158 | 1 Namelessmc | 1 Nameless | 2025-05-13 | N/A | 7.1 HIGH |
| NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker to perform a UI-based denial of service (DoS) by injecting oversized iframes that block the forum UI and disrupt normal user interactions. This issue has been patched in version 2.2.0. | |||||
| CVE-2025-31118 | 1 Namelessmc | 1 Nameless | 2025-05-13 | N/A | 7.1 HIGH |
| NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature (view_topic.php) does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction, resulting in an uncontrolled surge of posts that can disrupt normal operations. This issue has been patched in version 2.2.0. | |||||
| CVE-2024-8418 | 1 Containers | 1 Aardvark-dns | 2025-05-13 | N/A | 7.5 HIGH |
| A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime. | |||||
| CVE-2020-15853 | 1 Fedoraproject | 1 Supybot-fedora | 2025-05-13 | N/A | 5.3 MEDIUM |
| supybot-fedora implements the command 'refresh', that refreshes the cache of all users from FAS. This takes quite a while to run, and zodbot stops responding to requests during this time. | |||||
| CVE-2022-3517 | 3 Debian, Fedoraproject, Minimatch Project | 3 Debian Linux, Fedora, Minimatch | 2025-05-13 | N/A | 7.5 HIGH |
| A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service. | |||||