When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow.
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions < 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding.
Transient DOS while parsing probe response and assoc response frame.
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.
Transient DOS while parsing BTM ML IE when per STA profile is not included.
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
Transient DOS while processing the CU information from RNR IE.
Transient DOS while processing TID-to-link mapping IE elements.
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
Transient DOS while parsing the received TID-to-link mapping action frame.
Transient DOS while parsing ESP IE from beacon/probe response frame.
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
Transient DOS while parsing ESP IE from beacon/probe response frame.
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
Transient DOS while parse fils IE with length equal to 1.
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.
DHCP Server Service Denial of Service Vulnerability
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.
Transient DOS in WLAN Firmware while processing a FTMR frame.
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
Remote Procedure Call Runtime Denial of Service Vulnerability
Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.
Transient DOS in WLAN Firmware while parsing t2lm buffers.
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Transient DOS in Audio while remapping channel buffer in media codec decoding.
Remote Procedure Call Runtime Denial of Service Vulnerability
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
Remote Procedure Call Runtime Denial of Service Vulnerability
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to denial of service. An attacker can send a network request to trigger this vulnerability.
Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability
Windows iSCSI Service Denial of Service Vulnerability
Transient DOS in WLAN Firmware while processing frames with missing header fields.
Transient DOS while parsing WLAN beacon or probe-response frame.