Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-4816

Summary
Assigner-lenovo
Assigner Org ID-da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At-23 Jan, 2023 | 16:35
Updated At-02 Apr, 2025 | 15:28
Rejected At-
Credits

A denial-of-service vulnerability has been identified in Lenovo Safecenter that could allow a local user to crash the application.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:lenovo
Assigner Org ID:da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At:23 Jan, 2023 | 16:35
Updated At:02 Apr, 2025 | 15:28
Rejected At:
▼CVE Numbering Authority (CNA)

A denial-of-service vulnerability has been identified in Lenovo Safecenter that could allow a local user to crash the application.

Affected Products
Vendor
Lenovo Group LimitedLenovo
Product
Safecenter
Platforms
  • Android
Default Status
unaffected
Versions
Affected
  • Versions prior to 7.2.01.0315
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400 Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400 Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
3.16.2MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 6.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Update the Lenovo Safecenter App to version 7.2.01.0315 or higher.

Configurations
Workarounds
Exploits
Credits
finder
Lenovo thanks Junfeng Yu for reporting this issue.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://iknow.lenovo.com.cn/detail/dc_205899.html
N/A
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_205899.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://iknow.lenovo.com.cn/detail/dc_205899.html
x_transferred
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_205899.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@lenovo.com
Published At:23 Jan, 2023 | 17:15
Updated At:01 Feb, 2023 | 02:44

A denial-of-service vulnerability has been identified in Lenovo Safecenter that could allow a local user to crash the application.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Secondary3.16.2MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 6.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Lenovo Group Limited
lenovo
>>safecenter>>Versions before 7.2.01.0315(exclusive)
cpe:2.3:a:lenovo:safecenter:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-400Secondarypsirt@lenovo.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-400
Type: Secondary
Source: psirt@lenovo.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://iknow.lenovo.com.cn/detail/dc_205899.htmlpsirt@lenovo.com
Vendor Advisory
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_205899.html
Source: psirt@lenovo.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

151Records found
CVE-2023-6450
Matching Score-10
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-10
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.78%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:09
Updated-21 Oct, 2024 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service.

Action-Not Available
Vendor-Lenovo Group Limited
Product-app_storeLenovo App Store Application
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2019-6190
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5||MEDIUM
EPSS-0.12% / 30.96%
||
7 Day CHG~0.00%
Published-14 Feb, 2020 | 17:10
Updated-16 Sep, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lenovo was notified of a potential denial of service vulnerability, affecting various versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation, that could cause PCRs to be cleared intermittently after resuming from sleep (S3) on systems with Intel TXT enabled.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkcentre_s510yangtian_ws_h81_desktopqitian_m4650thinkcentre_m93z_firmwarea340-22_iwl_firmwarethinkcentre_m715q_rrthinkcentre_m700zideacentre_730s-24ikb_firmwarea340-22icb_firmwarethinkcentre_e95z_firmwarethinkcentre_e96zthinkcentre_m818z_firmwarethinkcentre_m73pthinkcentre_m720qthinkcentre_m93zv510z_firmwarethinkstation_p520thinkcentre_m79_firmwareyta8900fthinkstation_p500a340-24_iwl_firmwarethinkcentre_m715q_rr_firmwarethinkcentre_e93_firmwarelenovo_v330-15igm_firmwarem4550_id_desktop_firmwarethinkcentre_m710e510s-08ikl_firmwarea340-22astqitian_m4550_desktop_firmwarethinkstation_p310v530-22icbthinkstation_p510aio_330-20astthinkstation_e32_firmwarethinkcenter_m700z_firmwarethinkstation_c30_refreshv530s-07icb_firmwareqitian_4500_desktop_firmwarelegion_y520t_z370_firmwareideacentre_510-15icbm4500_id_desktopthinkcentre_m83_firmwarethinkcentre_m920tthinkcentre_m715t_firmwareqitian_b4550_desktopthinkcentre_m710tthinkstation_p318_firmwarev520s-08ikl_firmwarethinkcentre_m720tyangtian_wf_h81_pci_desktop_firmwarelegion_c530-19icb_firmwarelegion_t530-28apr_reflashlegion_t530-28icbthinkcentre_e73_desktopyangtian_ms_h81_desktopideacentre_700_firmwareqitian_4500_desktopqt_m415_firmwarelegion_t730-28icoqitian_m4550_desktopqitian_b4650_firmwarethinkcentre_e74_firmwareqitian_b5900_firmwarethinkcentre_m83zm4500_desktopthinkcentre_m6500t_firmwarethinkcentre_m625q_firmwarethinkcentre_m4600s_firmwarethinkstation_p520c_firmwarelegion_y520t_z370legion_t530-28icb_reflash_firmwarethinkcentre_m700z_firmwareyangtian_wcc_h81_pci_desktop_firmwareqt_b415_firmwareqitian_m4600_firmwarethinkstation_p900_firmwarethinkcentre_m910x_firmwareyangtian_afh110_firmwarethinkcentre_m910s_firmwareyangtian_wf_h110_pci_firmwareyangtian_afq150_firmwareyangtian_mc_h110_pci_firmwareh50-30g_desktopthinkcentre_e95zthinkstation_p720_firmwarelegion_t530-28icb_reflashthinkcentre_m600_firmwarethinkcentre_x1_aioa340-24icbthinkcentre_m910q_firmwarethinkcentre_m720s_firmwarelegion_t530-28aprideacentre_720-18icb_firmwareqt_m410_firmwarethinkcentre_m4600tthinkcentre_m920q_firmwarethinkcentre_m910zthinkcentre_m920sqt_a7400thinkstation_p900thinkcentre_m710q_firmwareaio_330-20igm_firmwarethinkcentre_m818zaio_520-24ast_firmware510-15iklthinkcentre_m8600tqt_m415thinkstation_p700_firmwarethinkcentre_m79thinkstation_p318thinkcentre_m700syangtian_mf_h110_pcithinkcentre_m910qthinkcentre_m6600t_firmwarethinkcentre_m8600s_firmwarethinkcentre_m720sideacentre_720-18apr_firmware510s-08iklthinkcentre_m715q_firmwarethinkcentre_m90n-1_firmwarethinkcentre_m920t_firmwarethinkstation_p500_firmwarethinkcentre_m810zthinkcentre_e93thinkcentre_m6500s_firmwarethinkcentre_m9500zthinkcentre_m810z_firmwarethinkcentre_m710qyangtian_wcc_h81_pci_desktopthinkstation_p300thinkcentre_m6600thinkcentre_m710e_firmwarethinkcentre_m8500syangtian_me_h110_firmwarethinkcentre_m900_firmwareyangtian_wf_h110_pcim4500_desktop_firmwarethinkcentre_m6600sthinkcentre_e75sthinkcentre_m920zthinkstation_p330thinkstation_c30_refresh_firmwarethinkcentre_m700qthinkcentre_m9550zthinkcentre_e74zthinkcentre_m6500sthinkcentre_m9550z_firmwareideacentre_720-18aprthinkcentre_m8500s_firmwareaio520-24arrthinkcentre_m73p_firmwarethinkcentre_m7300z_firmwareqitian_b4650thinkcentre_m6600qthinkcentre_m8350z_firmwarethinkstation_p700yangtian_afh81_desktopthinkcentre_e75tthinkcentre_m4500qthinkcentre_m820zqitian_a815_firmwareyta8900f_firmwarethinkcentre_s510_firmwarelenovo_v330-15igmthinkcentre_m910tthinkstation_p330_firmwarem4550_id_desktopthinkcentre_e75t_firmwarethinkstation_p300_firmwarev540-24iwlthinkcentre_e73_desktop_firmwareaio_330-20igmthinkcentre_m73_tiny_firmwarethinkcentre_m920x_firmwareaio520-27ikl_firmwarethinkcentre_m6600_firmwarethinkcentre_m920qthinkcenter_m700zlegion_c730-19icothinkcentre_m4500q_firmwarethinkstation_p910thinkcentre_m720t_firmwareaio520-24iku_firmwareyangtian_mf_h81_pci_desktopthinkcenter_m800zthinkstation_p320_tinythinkcentre_m800ideacentre_510-15icb_firmwarev410z_firmwarethinkcentre_m800zyangtian_tc_h81_pci_desktop_firmwarethinkcentre_m900yangtian_mc_h110_firmwarethinkcentre_m6600tthinkcentre_m93p_firmwarethinkcentre_m93thinkstation_p330_tiny_firmwarethinkcentre_e73s_desktopthinkstation_p410thinkcentre_m8350zthinkcentre_m625qqt_a7400_firmwarethinkstation_p310_firmwareaio520-22ikuthinkcentre_m4500s_desktopthinkcentre_e96z_firmwareyangtian_mc_h110thinkcentre_m8500tthinkcentre_m93pthinkstation_d30_refreshlegion_t530-28icb_firmwareideacentre_510a-15icb_firmwarethinkcentre_m715qideacentre_730s-24ikbh50-30g_desktop_firmwareyangtian_wf_h81_pci_desktopthinkcentre_m700q_firmwareyangtian_me_h110qitian_b5900v530s-07icbthinkcentre_m73_desktopyangtian_afq150aio520-24arr_firmwareyogo_a940-27icb_firmwareideacentre_310s-08igmideacentre_310s-08asr_firmwarethinkstation_p710thinkcentre_m9350zv530-22icb_firmwarea340-22_iwlthinkstation_p330_tinythinkcentre_m73_desktop_firmwarelenovo_63_desktop_firmwarea340-24icb_firmwarelegion_t530-28apr_firmwarethinkcentre_m9350z_firmwarethinkcentre_m800z_firmwarelegion_c530-19icbthinkcentre_m9500z_firmwarelenovo_63_desktopthinkcentre_m920s_firmwarethinkcentre_m8600sthinkcentre_m83z_firmwareideacentre_720-18icbaio_330-20ast_firmwareideacentre_510a-15icbthinkcentre_m920z_firmwarethinkcentre_m4500k_desktopthinkstation_p720thinkcentre_m710s_firmwarethinkcentre_e74sthinkcentre_m4600sthinkcentre_m610thinkcentre_m73_tinya340-22icbthinkcentre_e74s_firmwarethinkstation_p920_firmwareyangtian_wc_h110_pcithinkstation_p910_firmwarethinkcentre_m920xthinkstation_p410_firmwarem4500_id_desktop_firmwarea340-22ast_firmwareyangtian_ytm6900e-00_firmwareqt_m410thinkstation_s30_refresh_firmwarethinkcentre_m90n-1thinkcentre_m6500tthinkstation_p520_firmwarethinkcentre_m910xaio520-24ikuthinkcentre_m6600s_firmwarethinkcentre_m4500t_desktop_firmwarethinkstation_p320thinkstation_p510_firmwarethinkcentre_m910sqitian_m4600legion_c730-19ico_firmwarev530-24icb_firmwarethinkstation_p320_firmwarethinkcentre_m93_firmwarethinkstation_d30_refresh_firmwarev520t-15iklthinkcentre_m6600q_firmwarethinkcentre_m710t_firmwarethinkcentre_m8500t_firmwareqitian_a815thinkcentre_m900zaio520-27iklqitian_m4650_firmwareyogo_a940-27icbyangtian_tc_h110_pci_firmwarethinkcentre_m8300z_firmwarelegion_t730-28ico_firmwareyangtian_we_h110aio_520-24astyangtian_tc_h81_pci_desktop510-15ikl_firmwarethinkcentre_m800_firmwarethinkcentre_m725sideacentre_310s-08igm_firmwareqitian_b4550_desktop_firmwarethinkcentre_m700tyangtian_mc_h81_desktopqt_b415yangtian_ytm6900e-00yangtian_we_h110_firmwarethinkcentre_m725s_firmwarelegion_t530-28apr_reflash_firmwareyangtian_ms_h81_desktop_firmwareyangtian_mf_h81_pci_desktop_firmwarethinkstation_s30_refreshthinkstation_p710_firmwarethinkcentre_m8300zyangtian_ws_h81_desktop_firmwarev310zv410zthinkcentre_m700t_firmwarethinkstation_p320_tiny_firmwarethinkcentre_m83thinkcentre_e73s_desktop_firmwarethinkcentre_m7300zthinkcentre_m4500k_desktop_firmwarethinkstation_p920thinkcentre_m700s_firmwarethinkcentre_e74thinkcentre_e74z_firmwarev520t-15ikl_firmwarev530-24icbyangtian_mc_h110_pcithinkcentre_x1_aio_firmwarethinkcentre_e75s_firmwarev520s-08iklthinkcentre_m4500t_desktopthinkcentre_m8600t_firmwarethinkcentre_m610_firmwarethinkcentre_m820z_firmwarethinkcentre_m4500s_desktop_firmwarev540-24iwl_firmwarethinkcentre_m715tthinkcentre_m4600t_firmwareyangtian_wc_h110_pci_firmwarethinkcentre_m910t_firmwarethinkcenter_m800z_firmwareyangtian_afh110a340-24_iwlthinkcentre_m710syangtian_mf_h110_pci_firmwarethinkcentre_m900z_firmwareideacentre_700thinkcentre_m910z_firmwareyangtian_afh81_desktop_firmwarev510zideacentre_310s-08asrv310z_firmwarethinkcentre_m715s_firmwarethinkstation_e32yangtian_mc_h81_desktop_firmwareaio520-22iku_firmwarethinkcentre_m720q_firmwarethinkcentre_m715sthinkcentre_m600yangtian_tc_h110_pcithinkstation_p520cBIOS
CWE ID-CWE-665
Improper Initialization
CVE-2021-3721
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 8.70%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.20.10282 that could allow an attacker with local access to trigger a blue screen error.

Action-Not Available
Vendor-Lenovo Group Limited
Product-pcmanagerPCManager
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3451
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.14%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 15:27
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow configuration files to be written to non-standard locations.

Action-Not Available
Vendor-Lenovo Group Limited
Product-pcmanagerPCManager
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-3462
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.85%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 20:41
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_l15_gen_1thinkpad_x13_yoga_gen_1thinkpad_a275thinkpad_e15thinkpad_x1_yoga_gen_2thinkpad_p17_gen_1thinkpad_x380_yogathinkpad_a485thinkpad_25thinkpad_s2_yoga_gen_5thinkpad_e490thinkpad_s2_gen_2thinkpad_p53sthinkpad_t480sthinkpad_t570thinkpad_s1_gen_4thinkpad_x13_yoga_gen_2thinkpad_t14s_gen_1thinkpad_t490thinkpad_p51sthinkpad_e14_gen2thinkpad_t590thinkpad_x390_yogathinkpad_p53thinkpad_x13_gen_2ithinkpad_e575thinkpad_r14_gen_2thinkpad_e14thinkpad_x1_yoga_gen_6thinkpad_e570thinkpad_l590thinkpad_l13_yoga_gen_2thinkpad_l570thinkpad_x1_carbon_gen_5thinkpad_p14s_gen_1thinkpad_p52thinkpad_p43sthinkpad_a475thinkpad_l480thinkpad_e475power_management_driverthinkpad_x1_titanium_gen_1thinkpad_s5_gen_2thinkpad_e15_gen2thinkpad_t14_gen_2thinkpad_x1_yoga_gen_4thinkpad_13_gen_2thinkpad_e495thinkpad_s2_yoga_gen_6thinkpad_x1_carbon_gen_8thinkpad_x270thinkpad_l580thinkpad_a285thinkpad_e580thinkpad_p1_gen_3thinkpad_p1thinkpad_l14_gen_2thinkpad_x1_tablet_gen_2thinkpad_l13_gen_2thinkpad_x280thinkpad_p71thinkpad_t15_gen_1thinkpad_x390thinkpad_s3_gen_2thinkpad_p1_gen_2thinkpad_t15g_gen_1thinkpad_x1_yoga_gen_3thinkpad_11e_yoga_gen_6thinkpad_r14thinkpad_yoga_370thinkpad_l470thinkpad_x1_carbon_gen_7thinkpad_x395thinkpad_l15_gen_2thinkpad_t470thinkpad_p15v_gen_1thinkpad_l390thinkpad_e570cthinkpad_l380thinkpad_t580thinkpad_l14_gen_1thinkpad_l390_yogathinkpad_r480thinkpad_x1_extremethinkpad_e480thinkpad_l490thinkpad_11e_gen_5thinkpad_l380_yogathinkpad_p51thinkpad_l13thinkpad_t490sthinkpad_p73thinkpad_e470thinkpad_t15p_gen_1thinkpad_s2_gen_5thinkpad_x1_tablet_gen_3thinkpad_x1_extreme_gen_3thinkpad_l13_yoga_gen_1thinkpad_e590thinkpad_t470sthinkpad_p72thinkpad_t14_gen_1thinkpad_t15_gen_2thinkpad_t470pthinkpad_x12thinkpad_l13_gen_1thinkpad_x13_gen_1thinkpad_t14s_gen_2ithinkpad_e470cthinkpad_s2_gen_6thinkpad_x1_nano_gen_1thinkpad_e595thinkpad_x1_carbon_gen_9thinkpad_t495thinkpad_p14s_gen_2thinkpad_l13_yogathinkpad_p15s_gen_2thinkpad_p15_gen_1thinkpad_t480thinkpad_p15s_gen_1thinkpad_x1_extreme_2ndthinkpad_p52sthinkpad_x1_carbon_gen_6thinkpad_yoga_11e_gen_5thinkpad_x1_yoga_gen_5Power Management Driver for Windows 10
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-1110
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.69%
||
7 Day CHG~0.00%
Published-18 May, 2022 | 16:10
Updated-02 Aug, 2024 | 23:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 could allow a local attacker to cause denial of service.

Action-Not Available
Vendor-Lenovo Group Limited
Product-smart_standby_driverSmart Standby Driver
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-1109
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.45%
||
7 Day CHG~0.00%
Published-20 Jan, 2023 | 19:23
Updated-02 Apr, 2025 | 13:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An incorrect default permissions vulnerability in Lenovo Leyun cloud music application could allow denial of service.

Action-Not Available
Vendor-Lenovo Group Limited
Product-leyunLeyun
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-0636
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5||MEDIUM
EPSS-0.04% / 11.02%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was reported in Lenovo Thin Installer prior to version 1.3.0039 that could trigger a system crash.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thin_installerThin Installer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-4891
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.34%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 22:00
Updated-03 Sep, 2024 | 20:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential use-after-free vulnerability was reported in the Lenovo View driver that could result in denial of service.

Action-Not Available
Vendor-Microsoft CorporationLenovo Group Limited
Product-windowsview_driverLenovo View Driver
CWE ID-CWE-416
Use After Free
CVE-2017-3772
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.10%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 20:30
Updated-01 Aug, 2024 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was reported in Lenovo PC Manager versions prior to 2.6.40.3154 that could allow an attacker to cause a system reboot.

Action-Not Available
Vendor-Lenovo Group Limited
Product-PC Manager
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8357
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.14%
||
7 Day CHG~0.00%
Published-09 Mar, 2021 | 16:15
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.200.2042, that could allow configuration files to be written to non-standard locations.

Action-Not Available
Vendor-Lenovo Group Limited
Product-pcmanagerPCManager
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8346
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 10.01%
||
7 Day CHG~0.00%
Published-15 Sep, 2020 | 14:20
Updated-17 Sep, 2024 | 04:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written to non-standard locations.

Action-Not Available
Vendor-Lenovo Group Limited
Product-system_interface_foundationSystem Interface Foundation
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-3698
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 8.79%
||
7 Day CHG~0.00%
Published-24 Oct, 2023 | 20:40
Updated-17 Sep, 2024 | 14:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and  Lenovo Diagnostics versions prior to 4.45 that could allow a local user with administrative access to trigger a system crash.

Action-Not Available
Vendor-Lenovo Group Limited
Product-diagnosticshardwarescan_pluginDiagnosticsHardwareScanPlugin
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-0353
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 8.79%
||
7 Day CHG~0.00%
Published-24 Oct, 2023 | 20:39
Updated-11 Sep, 2024 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and  Lenovo Diagnostics versions prior to 4.45 that could allow a local user with administrative access to trigger a system crash.

Action-Not Available
Vendor-Lenovo Group Limited
Product-diagnosticshardwarescan_pluginhardwarescan_addinDiagnosticsHardwareScanPlugin
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-21240
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 3.24%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 23:23
Updated-06 Nov, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-44183
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.39%
||
7 Day CHG~0.00%
Published-16 Sep, 2024 | 23:22
Updated-24 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A logic error was addressed with improved error handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. An app may be able to cause a denial-of-service.

Action-Not Available
Vendor-Apple Inc.
Product-watchostvosipadosvisionosmacosiphone_ostvOSmacOSvisionOSwatchOSiOS and iPadOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-4049
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.11% / 29.70%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 18:25
Updated-17 Sep, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM MQ 9.1.0.0, 9.1.0.1, 9.1.1, and 9.1.0.2 is vulnerable to a denial of service due to a local user being able to fill up the disk space of the underlying filesystem using the error logging service. IBM X-Force ID: 156398.

Action-Not Available
Vendor-IBM Corporation
Product-mqMQ
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-40575
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.00%
||
7 Day CHG~0.00%
Published-24 Jul, 2024 | 00:00
Updated-18 Mar, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Huawei Technologies opengauss (openGauss 5.0.0 build) v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-opengaussn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-20812
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.25%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 02:43
Updated-05 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-19922
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 30.81%
||
7 Day CHG-0.02%
Published-22 Dec, 2019 | 19:07
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-ubuntu_linuxdebian_linuxlinux_kernelsd-wan_edgefas\/aff_baseboard_management_controllercloud_backupsolidfire_\&_hci_management_nodee-series_santricity_os_controlleractive_iq_unified_managersteelstore_cloud_integrated_storagehci_baseboard_management_controllersolidfire_baseboard_management_controlleraff_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-4115
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.89%
||
7 Day CHG~0.00%
Published-21 Feb, 2022 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned

Action-Not Available
Vendor-polkit_projectn/aOracle CorporationFedora ProjectDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.
Product-ubuntu_linuxdebian_linuxfedorazfs_storage_appliance_kitenterprise_linuxpolkitpolkitd
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-16764
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.44% / 62.28%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 17:11
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PowAssent is susceptible to denial of service attacks

The use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. In `PowAssent.Phoenix.AuthorizationController` a value is fetched from the user provided params, and `String.to_atom/1` is used to convert the binary value to an atom so it can be used to fetch the provider configuration value. This is unsafe as it is user provided data, and can be used to fill up the whole atom table of ~1M which will cause the app to crash.

Action-Not Available
Vendor-powauthpow-auth
Product-powassentpow_assent
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-32912
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.16%
||
7 Day CHG-0.02%
Published-13 Jun, 2024 | 21:02
Updated-20 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-47354
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4||MEDIUM
EPSS-0.03% / 5.00%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 05:26
Updated-26 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In log service, there is a missing permission check. This could lead to local denial of service in log service.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-47370
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5||MEDIUM
EPSS-0.03% / 8.12%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 05:28
Updated-26 Mar, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-47356
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4||MEDIUM
EPSS-0.03% / 5.00%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 05:27
Updated-26 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In log service, there is a missing permission check. This could lead to local denial of service in log service.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-47355
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4||MEDIUM
EPSS-0.03% / 5.00%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 05:27
Updated-26 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In log service, there is a missing permission check. This could lead to local denial of service in log service.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-46645
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.07% / 21.91%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:16
Updated-27 Jan, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled resource consumption in the Intel(R) Smart Campus Android application before version 9.9 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-smart_campusIntel(R) Smart Campus Android application
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-3679
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-1.39% / 79.57%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 19:54
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinux_kernelenterprise_linuxkernel
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2022-46351
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.88%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2).

Action-Not Available
Vendor-Siemens AG
Product-6gk5204-0bs00-3pa36gk5204-0ba00-2mb2_firmware6gk5204-0ba00-2kb2_firmware6gk5204-0ba00-2mb26gk5204-0ba00-2kb26gk5204-0bs00-3la3_firmware6gk5204-0bs00-2na3_firmware6gk5204-0bs00-3pa3_firmware6gk5204-0bs00-2na36gk5204-0bs00-3la3SCALANCE X204RNA (HSR)SCALANCE X204RNA EEC (PRP/HSR)SCALANCE X204RNA EEC (PRP)SCALANCE X204RNA EEC (HSR)SCALANCE X204RNA (PRP)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-3669
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 0.55%
||
7 Day CHG~0.00%
Published-26 Aug, 2022 | 15:25
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

Action-Not Available
Vendor-n/aIBM CorporationFedora ProjectRed Hat, Inc.Linux Kernel Organization, IncDebian GNU/Linux
Product-enterprise_linux_server_ausopenshift_container_platformenterprise_linuxvirtualization_hostenterprise_linux_ausenterprise_linux_for_real_time_for_nfventerprise_linux_for_real_time_tusbuild_of_quarkuscodeready_linux_builderdeveloper_toolsdebian_linuxlinux_kernelenterprise_linux_for_real_time_for_nfv_tusfedoraenterprise_linux_for_ibm_z_systemsenterprise_linux_eusenterprise_linux_for_power_little_endian_eusspectrum_copy_data_managemententerprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_server_tusenterprise_linux_for_power_little_endianenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_real_timespectrum_protect_pluskernel
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2006-5649
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.38%
||
7 Day CHG~0.00%
Published-14 Dec, 2006 | 00:00
Updated-03 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors.

Action-Not Available
Vendor-n/aUbuntu
Product-ubuntu_linuxn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2006-5648
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 13.88%
||
7 Day CHG~0.00%
Published-14 Dec, 2006 | 00:00
Updated-03 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed.

Action-Not Available
Vendor-n/aUbuntu
Product-ubuntu_linuxn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-27088
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.5||NONE
EPSS-1.85% / 82.23%
||
7 Day CHG~0.00%
Published-26 Feb, 2024 | 16:50
Updated-05 Feb, 2025 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63.

Action-Not Available
Vendor-medikoomedikoo
Product-es5-extes5-ext
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CVE-2022-28191
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 17.47%
||
7 Day CHG~0.00%
Published-17 May, 2022 | 19:15
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service.

Action-Not Available
Vendor-NVIDIA Corporation
Product-virtual_gpuNVIDIA Virtual GPU Software and NVIDIA Cloud Gaming
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-33135
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.29%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:35
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-software_guard_extensionsIntel(R) SGX
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-33073
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.61%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:22
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled resource consumption in the Intel(R) Distribution of OpenVINOâ„¢ Toolkit before version 2021.4 may allow an unauthenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-distribution_of_openvino_toolkitIntel(R) Distribution of OpenVINOâ„¢ Toolkit
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-39128
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.54%
||
7 Day CHG~0.00%
Published-14 Oct, 2022 | 00:00
Updated-14 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t618t310sc7731esc9832et606s8000t616t612t820sc9863at770androidt610t760SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-7970
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.29%
||
7 Day CHG~0.00%
Published-13 Oct, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.

Action-Not Available
Vendor-n/aNovellLinux Kernel Organization, IncCanonical Ltd.
Product-suse_linux_enterprise_serverlinux_kernelubuntu_linuxn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-8559
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 16.89%
||
7 Day CHG~0.00%
Published-10 Nov, 2014 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSESUSENovellOracle CorporationCanonical Ltd.
Product-linux_kernelopensuseevergreenubuntu_linuxlinux_enterprise_real_time_extensionsuse_linux_enterprise_serversuse_linux_enterprise_desktoplinux_enterprise_workstation_extensionlinuxlinux_enterprise_software_development_kitn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-23712
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.43%
||
7 Day CHG~0.00%
Published-07 May, 2024 | 21:01
Updated-17 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions of AppOpsService.java, there is a possible way to saturate the content of /data/system/appops_accesses.xml due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-22104
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.28%
||
7 Day CHG~0.00%
Published-02 Jul, 2024 | 00:00
Updated-01 Aug, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

Action-Not Available
Vendor-jungon/ajungoMitsubishi Electric Corporation
Product-gt_got2000rt_visualboxfr_configurator_sw3mx_opc_server_da\/uasw1dnc-qsccf-bgx_works3sw1dnc-mnetg-b_firmwaregenesis64sw0dnc-mneth-bgt_got1000data_transfermrzjw3-mc2-utl_firmwaresw1dnc-mnetg-bezsocketsw0dnc-mneth-b_firmwaresw1dnc-ccbd2-b_firmwaresw1dnc-qsccf-b_firmwaresw1dnc-ccief-jgt_softgot1000sw1dnc-ccief-bsw1dnc-ccbd2-brt_toolbox3sw1dnc-ccief-b_firmwarefr_configurator2mx_componentsw1dnd-emsdk-bnumerical_control_device_communicationgx_logviewermr_configuratorsw1dnc-ccief-j_firmwarecw_configuratorwindrivercpu_module_logging_configuration_tooldata_transfer_classicgt_softgot2000px_developer\/monitor_toolgx_works2sw1dnd-emsdk-b_firmwaremr_configurator2mi_configuratoriq_worksmrzjw3-mc2-utlgx_developern/awindriver
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-21161
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.00%
||
7 Day CHG+0.03%
Published-16 Jul, 2024 | 22:40
Updated-26 Mar, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-41801
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5||MEDIUM
EPSS-0.06% / 18.61%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled resource consumption in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-connect_mIntel(R) Connect M Android application
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-3690
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.06%
||
7 Day CHG~0.00%
Published-10 Nov, 2014 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSESUSERed Hat, Inc.Debian GNU/LinuxNovellCanonical Ltd.
Product-enterprise_linuxlinux_kernelevergreenubuntu_linuxlinux_enterprise_real_time_extensionsuse_linux_enterprise_serversuse_linux_enterprise_desktoplinux_enterprise_workstation_extensiondebian_linuxlinux_enterprise_software_development_kitn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-38674
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.12%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 05:27
Updated-26 Mar, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-39164
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 2.61%
||
7 Day CHG~0.00%
Published-23 Dec, 2022 | 19:26
Updated-10 Apr, 2025 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM AIX denial of service

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 235181.

Action-Not Available
Vendor-IBM Corporation
Product-aixviosAIX
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-38687
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.87%
||
7 Day CHG~0.00%
Published-14 Oct, 2022 | 00:00
Updated-15 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In messaging service, there is a missing permission check. This could lead to local denial of service in messaging service with no additional execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t618t310sc7731esc9832et606s8000t616t612t820sc9863at770androidt610t760SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-862
Missing Authorization
CVE-2022-38679
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.10%
||
7 Day CHG~0.00%
Published-14 Oct, 2022 | 00:00
Updated-15 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In music service, there is a missing permission check. This could lead to local denial of service in music service with no additional execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t618t310sc7731esc9832et606s8000t616t612t820sc9863at770androidt610t760SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-862
Missing Authorization
CVE-2022-39126
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.54%
||
7 Day CHG~0.00%
Published-14 Oct, 2022 | 00:00
Updated-14 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t618t310sc7731esc9832et606s8000t616t612t820sc9863at770androidt610t760SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found