ABAP Server (used in NetWeaver and Suite/ERP) and ABAP Platform does not sufficiently validate an XML document accepted from an untrusted source, leading to an XML External Entity (XEE) vulnerability. Fixed in Kernel 7.21 or 7.22, that is ABAP Server 7.00 to 7.31 and Kernel 7.45, 7.49 or 7.53, that is ABAP Server 7.40 to 7.52 or ABAP Platform. For more recent updates please refer to Security Note 2870067 (which supersedes the solution of Security Note 2736825) in the reference section below.
IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.
Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a improper input validation vulnerability via the path parameter. An authenticated attacker can send a malformed POST request to achieve server-side denial of service.
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 could allow an authenticated user send a specially crafted request that could cause a denial of service. IBM X-Force ID: 251704.
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.
In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response's content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7.
Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which allows authenticated attackers to cause a client-side crash of the web application via a maliciously crafted post.
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing code changes.
A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.
IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635.
TensorFlow is an Open Source Machine Learning Framework. In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the `Convolution3DTranspose` function. This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services. An attacker must have privilege to provide input to a `Convolution3DTranspose` call. This issue has been patched and users are advised to upgrade to version 2.11.1. There are no known workarounds for this vulnerability.
Windows CryptoAPI Denial of Service Vulnerability
HAX CMS NodeJs allows users to manage their microsite universe with a NodeJs backend. In versions 11.0.8 and below, the HAX CMS NodeJS application crashes when an authenticated attacker provides an API request lacking required URL parameters. This vulnerability affects the listFiles and saveFiles endpoints. This vulnerability exists because the application does not properly handle exceptions which occur as a result of changes to user-modifiable URL parameters. This is fixed in version 11.0.9.
A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access.
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to cause a service disruption by manipulating the run_id parameter. This vulnerability is considered low since it requires an authenticated user to exploit it. It is recommended to upgrade to a version that is not affected
A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects MongoDB Server v4.0 versions prior to 4.0.6 and MongoDB Server v3.6 versions prior to 3.6.11.
Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error can be generated potentially causing a DoS when performed multiple times. There are currently no known workarounds. It is recommended that the Nextcloud Server is upgraded to 1.6.5 or 1.7.3 or 1.8.2.
A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of requests sent to the REST API. An attacker could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to cause a permanent DoS condition that is due to high CPU utilization. Manual intervention may be required to recover the Cisco IND.
IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) contains a denial of service vulnerability. A remote, authenticated DB2 user could exploit this vulnerability by issuing a specially-crafted SELECT statement with TRUNCATE function. IBM X-Force ID: 154032.
The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 does not correctly handle requests for byte sequences, allowing an attacker to amplify the response size by requesting the entire response body repeatedly, as demonstrated by an HTTP Range header value beginning with the "bytes=0-,0-" substring.
IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270264.
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service.
A user authorized to performing a specific type of find query may trigger a denial of service. This issue affects MongoDB Server v4.4 versions prior to 4.4.4.
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version > v0.17.0 to be protected. Users unable to upgrade may set the `--rejecthtlc` CLI flag and also disable forwarding on channels via the `UpdateChanPolicyCommand`, or disable listening on a public network interface via the `--nolisten` flag as a mitigation.
Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.
An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service.
An issue was discovered in phpMyAdmin. An authorized user can cause a denial-of-service (DoS) attack on a server by passing large values to a loop. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to maliciously crafted long strings. This has been patched in uap-core 0.7.3.
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.
An improper input validation before calling java readLine() method may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which could result in a denial of service. IBM X-Force ID: 189159.
IBM Data Risk Manager (iDNA) 2.0.6 could allow a privileged user to cause a denial of service due to improper input validation. IBM X-Force ID: 184937.
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354.
OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to cause a denial of service (service outage and data loss) via a message.
OSIsoft PI AF Server before 2016 2.8.0 allows remote authenticated users to cause a denial of service (service outage) via a message.
The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.
IBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.
The help service in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to cause a denial of service (service degradation) via a crafted URL.
A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.
HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1.4.0.
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.
In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel (TMM) to terminate.
"IBM InfoSphere Information Server 11.7 could allow a user to cause a denial of service by removing the ability to run jobs due to improper input validation. IBM X-Force ID: 235725."
Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 Series GT27 model FTP server versions 01.39.000 and prior, Mitsubishi Electric GOT2000 Series GT25 model FTP server versions 01.39.000 and prior and Mitsubishi Electric GOT2000 Series GT23 model FTP server versions 01.39.000 and prior allows a remote authenticated attacker to cause a Denial of Service condition by sending specially crafted command.
vLLM is an inference and serving engine for large language models (LLMs). In version 0.8.0 up to but excluding 0.9.0, the vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the "pattern" and "type" fields when the tools functionality is invoked. These inputs are not validated before being compiled or parsed, causing a crash of the inference worker with a single request. The worker will remain down until it is restarted. Version 0.9.0 fixes the issue.
Discourse is an open source discussion platform. Starting with version 2.9.0.beta5 and prior to version 2.9.0.beta10, an incomplete quote can generate a JavaScript error which will crash the current page in the browser in some cases. Version 2.9.0.beta10 added a fix and tests to ensure incomplete quotes won't break the app. As a workaround, the quote can be fixed via the rails console.
fat_free_crm is a an open source, Ruby on Rails customer relationship management platform (CRM). In versions prior to 0.20.1 an authenticated user can perform a remote Denial of Service attack against Fat Free CRM via bucket access. The vulnerability has been patched in commit `c85a254` and will be available in release `0.20.1`. Users are advised to upgrade or to manually apply patch `c85a254`. There are no known workarounds for this issue.