Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
Windows iSCSI Service Denial of Service Vulnerability
Windows Secure Channel Denial of Service Vulnerability
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
Windows Secure Channel Denial of Service Vulnerability
Improper input validation for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access.
Windows Active Directory Domain Services API Denial of Service Vulnerability
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
Improper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Windows Secure Channel Denial of Service Vulnerability
Windows Netlogon Denial of Service Vulnerability
Windows iSCSI Service Denial of Service Vulnerability
Windows iSCSI Discovery Service Denial of Service Vulnerability
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability
.NET Denial of Service Vulnerability
Windows iSCSI Service Denial of Service Vulnerability
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
<p>A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.</p> <p>The update addresses the vulnerability by correcting how RDP handles connection requests.</p>
Windows Network File System Denial of Service Vulnerability
<p>A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly.</p> <p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>
<p>A denial of service vulnerability exists in Windows Remote Desktop Service when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the Remote Desktop Service on the target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Service.</p> <p>The update addresses the vulnerability by correcting how Remote Desktop Service handles connection requests.</p>
An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the specific driver to do a system call operation with an invalid address, resulting in a potential system crash.
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application. The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.
.NET and Visual Studio Denial of Service Vulnerability
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
DHCP Server Service Denial of Service Vulnerability
A denial of service vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RD Gateway service on the target system to stop responding. To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides RD Gateway services. The update addresses the vulnerability by correcting how RD Gateway handles connection requests.
Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161.
IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.
HTTP.sys Denial of Service Vulnerability
DHCP Server Service Denial of Service Vulnerability
Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability
IBM MQ 9.2 LTS, 9.3 LTS, and 9.3 CD Internet Pass-Thru could allow a remote user to cause a denial of service by sending HTTP requests that would consume all available resources. IBM X-Force ID: 281278.
In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service via the package upload function.
An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service.
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Windows Kerberos Denial of Service Vulnerability
Windows Secure Channel Denial of Service Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.
Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service (DOS) and/or abuse of resources.
Internet Connection Sharing (ICS) Denial of Service Vulnerability
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Windows Secure Channel Denial of Service Vulnerability
Microsoft AllJoyn API Denial of Service Vulnerability
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability