Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
Transient DOS while parsing ESP IE from beacon/probe response frame.
Transient DOS while parsing ESP IE from beacon/probe response frame.
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
Transient DOS in WLAN Firmware while parsing FT Information Elements.
A buffer over-read in the PublicKey::verify() method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service (DoS) via a crafted input.
Transient DOS in WLAN Firmware while processing frames with missing header fields.
Windows Secure Channel Denial of Service Vulnerability
A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions < 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding.
Windows iSCSI Service Denial of Service Vulnerability
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.
Transient DOS while parsing WLAN beacon or probe-response frame.
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.
Transient DOS during music playback of ALAC content.
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog .
A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an affected device receives a BGP update with a set of specific optional transitive attributes over an established peering session, rpd will crash and restart when attempting to advertise the received information to another peer. This issue can only happen if one or both of the BGP peers of the receiving session are non-4-byte-AS capable as determined from the advertised capabilities during BGP session establishment. Junos OS and Junos OS Evolved default behavior is 4-byte-AS capable unless this has been specifically disabled by configuring: [ protocols bgp ... disable-4byte-as ] Established BGP sessions can be checked by executing: show bgp neighbor <IP address> | match "4 byte AS" This issue affects: Junos OS: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S5, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R2; Junos OS Evolved: * all versions before 22.4R3-S8-EVO, * 23.2 versions before 23.2R2-S5-EVO, * 23.4 versions before 23.4R2-S6-EVO, * 24.2 versions before 24.2R2-S2-EVO, * 24.4 versions before 24.4R2-EVO.
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
Transient DOS due to buffer over-read in WLAN while sending a packet to device.
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Transient DOS while handling command data during power control processing.
Transient DOS while processing power control requests with invalid antenna or stream values.
Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
Transient DOS while parsing the EPTM test control message to get the test pattern.
The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, _rt_md5_hmac_veneer() or _rt_hmac_sha1_veneer(), resulting in a stack buffer over-read which can be exploited for denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker does not need to know the network's PSK.
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.
Transient DOS while processing the EHT operation IE in the received beacon frame.
Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.
Transient DOS while parse fils IE with length equal to 1.
Transient DOS while processing a frame with malformed shared-key descriptor.
Transient DOS while handling beacon frames with invalid IE header length.
Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session.
Transient DOS may occur while parsing EHT operation IE or EHT capability IE.
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
Transient DOS while parsing per STA profile in ML IE.
Transient DOS may occur while parsing SSID in action frames.
Transient DOS may occur while processing malformed length field in SSID IEs.
Transient DOS while processing received beacon frame.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services buffer.