Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-6052

Summary
Assigner-ibm
Assigner Org ID-9a959283-ebb5-44b6-b705-dcc2bbced522
Published At-27 May, 2026 | 13:09
Updated At-27 May, 2026 | 15:22
Rejected At-
Credits

IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC tables

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:ibm
Assigner Org ID:9a959283-ebb5-44b6-b705-dcc2bbced522
Published At:27 May, 2026 | 13:09
Updated At:27 May, 2026 | 15:22
Rejected At:
▼CVE Numbering Authority (CNA)
IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC tables

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables.

Affected Products
Vendor
IBM CorporationIBM
Product
Db2
CPEs
  • cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:12.1.4:*:*:*:*:*:*:*
Versions
Affected
  • From 11.5.0 through 11.5.9 (semver)
  • From 12.1.0 through 12.1.4 (semver)
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Customers running any vulnerable affected level of an affected Program, V11.5, and V12.1, can download the special build containing the interim fix for this issue from Fix Central. These special builds are available based on the most recent level for each impacted release: V11.5.9, and V12.1.4. They can be applied to any affected level of the appropriate release to remediate this vulnerability. ReleaseFixed in mod packAPARDownload URLV11.5TBD https://www.ibm.com/support/pages/node/7087189 V12.1 TBD https://www.ibm.com/support/pages/node/7267513 IBM does not disclose key Db2 functionality nor replication steps for a vulnerability to avoid providing too much information to any potential malicious attacker. IBM does not want to enable a malicious attacker with sufficient knowledge to craft an exploit of the vulnerability.

Configurations
Workarounds

Do not use Multi-Clustering-Dimensional (MDC) tables

Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.ibm.com/support/pages/node/7273557
vendor-advisory
patch
Hyperlink: https://www.ibm.com/support/pages/node/7273557
Resource:
vendor-advisory
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400 Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400 Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@us.ibm.com
Published At:27 May, 2026 | 14:17
Updated At:28 May, 2026 | 15:51

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
IBM Corporation
ibm
>>db2>>Versions from 11.5.0(inclusive) to 11.5.9(inclusive)
cpe:2.3:a:ibm:db2:*:*:*:*:-:*:*:*
IBM Corporation
ibm
>>db2>>Versions from 12.1.0(inclusive) to 12.1.4(inclusive)
cpe:2.3:a:ibm:db2:*:*:*:*:-:*:*:*
IBM Corporation
ibm
>>aix>>-
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
IBM Corporation
ibm
>>linux_on_ibm_z>>-
cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>-
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-400
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.ibm.com/support/pages/node/7273557psirt@us.ibm.com
Vendor Advisory
Hyperlink: https://www.ibm.com/support/pages/node/7273557
Source: psirt@us.ibm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2420Records found
CVE-2023-52340
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.08% / 24.44%
||
7 Day CHG~0.00%
Published-05 Jul, 2024 | 00:00
Updated-04 Nov, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-47150
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.25%
||
7 Day CHG~0.00%
Published-26 Mar, 2024 | 14:01
Updated-04 Feb, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Common Cryptographic Architecture denial of service

IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to cause a denial of service due to incorrect data handling for certain types of AES operations. IBM X-Force ID: 270602.

Action-Not Available
Vendor-IBM Corporation
Product-Common Cryptographic Architecture
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-22332
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 17.86%
||
7 Day CHG~0.00%
Published-09 Feb, 2024 | 00:54
Updated-01 Aug, 2024 | 22:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Integration Bus for z/OS denial of service

The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972.

Action-Not Available
Vendor-IBM Corporation
Product-integration_busIntegration Bus for z/OS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-44487
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-94.40% / 99.98%
||
7 Day CHG-0.09%
Published-10 Oct, 2023 | 00:00
Updated-12 May, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Action-Not Available
Vendor-linecorpcaddyserverkonghqakkakazu-yamamotovarnish_cache_projectprojectcontourgrpclinkerdopenrestyamazonenvoyproxyistiodenatraefiknghttp2n/aMicrosoft CorporationSiemens AGCisco Systems, Inc.Red Hat, Inc.JenkinsThe Apache Software FoundationFacebookApple Inc.Fedora ProjectNetApp, Inc.GoThe Netty ProjectEclipse Foundation AISBLNode.js (OpenJS Foundation)F5, Inc.The IETF Administration LLC (IETF LLC)Debian GNU/Linux
Product-nexus_9804nexus_9332d-h2rnexus_9372txnexus_9200istionexus_92160yc_switchfedoranexus_92160yc-xsiplus_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwareenterprise_chat_and_email.netvisual_studio_2022windows_10_22h2node_healthcheck_operatornexus_36180yc-ropenshift_sandboxed_containersnexus_9500_4-slotnexus_93128tx_switchnexus_92300ycbig-ip_nextcost_managementjboss_enterprise_application_platformnexus_9200ycnexus_9332pqnexus_9396txproxygenultra_cloud_core_-_session_management_functionintegration_camel_kintegration_camel_for_spring_bootnexus_3064tazure_kubernetes_servicenexus_93180yc-fxcrosswork_zero_touch_provisioningbig-ip_analyticsnexus_3432d-snexus_93180yc-fx3secure_malware_analyticsopensearch_data_preppersecure_web_appliance_firmwareweb_terminalprime_infrastructurenexus_93180lc-ex_switchopenshift_container_platform_assisted_installercertification_for_red_hat_enterprise_linuxprime_cable_provisioningnexus_93108tc-fx-24connected_mobile_experiencesnexus_92300yc_switchprocess_automationexpresswayhttp_serverunified_attendant_console_advancedopenstack_platformnginx_plusnexus_93240yc-fx2nexus_3636c-rcryostatnexus_3100-zsingle_sign-onopenshift_distributed_tracingnexus_9736pqnexus_9272qnexus_3016qnexus_93108tc-ex-24unified_contact_center_domain_managernexus_9396tx_switchopenshift_developer_tools_and_servicesnexus_93128crosswork_situation_managernexus_93180yc-ex-24nexus_9332pq_switchwindows_server_2022nexus_31108pc-vopenshift_api_for_data_protectionopenshift_gitopsnexus_3132c-zsupport_for_spring_bootwindows_server_2016nexus_3016nexus_3132q-vopenshift_service_mesh3scale_api_management_platformnexus_3464cnexus_9500ropenshiftcaddynexus_3100-vnexus_3132qopenshift_secondary_scheduler_operatornexus_3064-32tnexus_31108tc-varmeriagomigration_toolkit_for_containersbuild_of_optaplannernexus_3232nexus_9372pxbig-ip_websafenexus_9500_supervisor_anexus_9348gc-fxpultra_cloud_core_-_serving_gateway_functionnexus_3172tqnexus_9504windows_10_21h2nexus_3064xnexus_3232cnexus_9636pqnexus_3400jettyansible_automation_platformnexus_9500_supervisor_bnexus_9372tx-ewindows_10_1809nexus_3524-xlnexus_3408-snexus_3172tq-32tnexus_93180tc-exnexus_9516nexus_3524-xnexus_3264c-enexus_3172pqnexus_3172pq\/pq-xlnexus_9336pqastra_control_centernexus_9364c-gxnexus_9336c-fx2simatic_s7-1500_cpu_1518-4_pn\/dpnexus_9236cnexus_9536pqnexus_9236c_switchnexus_93180yc-fx-24nexus_31128pqnetwork_observability_operatorbig-ip_application_security_managerprime_access_registrarswiftnio_http\/2linkerdios_xewindows_11_22h2nexus_9500_supervisor_b\+nexus_9364d-gx2adecision_managerbig-ip_policy_enforcement_managerquaynexus_3264qbusiness_process_automationnexus_3100vsecure_dynamic_attributes_connectornexus_9372tx_switchnexus_9500_supervisor_a\+machine_deletion_remediation_operatornode.jssatellitenexus_9348d-gx2abig-ip_domain_name_systemnexus_3064nexus_9372px-e_switchbig-ip_link_controllernexus_93108tc-ex_switchhttpbig-ip_advanced_firewall_managerprime_network_registrarcert-manager_operator_for_red_hat_openshiftnexus_9432pqtraefikbuild_of_quarkusnexus_3524self_node_remediation_operatorcrosswork_data_gatewaycontournode_maintenance_operatorcbl-marinernexus_9716d-gxsinec_insh2onexus_9332d-gx2bnexus_9372px_switchapisixjboss_core_servicesnexus_9500_16-slotsimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwareoncommand_insightnexus_9372px-enexus_9336pq_aci_spinenexus_3548-xnexus_9221cnexus_9272q_switchnexus_93108tc-fxfirepower_threat_defensebig-ip_fraud_protection_servicewindows_server_2019migration_toolkit_for_virtualizationvarnish_cacheunified_contact_center_enterprisenexus_93108tc-fx3hnexus_93240tc-fx2asp.net_coretelepresence_video_communication_servernexus_93216tc-fx2nexus_3100traffic_servernexus_3064-xnexus_9348gc-fx3nexus_9332cbig-ip_application_visibility_and_reportingnexus_3132q-x\/3132q-xltomcatwindows_10_1607simatic_s7-1500_cpu_1518f-4_pn\/dp_mfp_firmwarenexus_3172tq-xlnexus_3548-xlnexus_9336pq_aci_spine_switchsiplus_s7-1500_cpu_1518-4_pn\/dp_mfpnexus_3164qdebian_linuxnexus_9396px_switchnexus_9396pxlogging_subsystem_for_red_hat_openshiftnexus_9364cbig-ip_webacceleratoropenshift_serverlessnetworkingnexus_9500big-ip_ssl_orchestratornexus_93180yc-ex_switchnexus_9508nexus_3132q-xnexus_93120txnexus_3132q-xlnexus_9408ruggedcom_ape1808_firmwarenexus_34180ycnexus_93180yc-fx3snx-osnexus_93180lc-exunified_contact_center_management_portalnexus_92304qc_switchdata_center_network_manageropenrestynexus_92348gc-xbig-ip_application_acceleration_manageropenshift_virtualizationnexus_93108tc-fx3pnexus_93360yc-fx2nexus_3172pq-xlnexus_31108pv-vgrpcnexus_93128txnexus_3064-tadvanced_cluster_management_for_kubernetesbig-ip_advanced_web_application_firewallenvoynexus_3232c_big-ip_global_traffic_managernginxfence_agents_remediation_operatorjboss_data_gridios_xrfog_directorsimatic_s7-1500_cpu_1518f-4_pn\/dp_mfpbig-ip_carrier-grade_natnexus_9300windows_11_21h2secure_web_applianceintegration_service_registryhttp2openshift_dev_spacesbig-ip_ddos_hybrid_defendernexus_93180yc-fx3hservice_interconnectnghttp2openshift_data_sciencest7_scadaconnectnexus_93120tx_switchbig-ip_local_traffic_managerbig-ip_access_policy_managerjboss_fuseopenshift_container_platformopenshift_pipelinesnexus_3048nexus_9508_switchnettynexus_9336c-fx2-enexus_93600cd-gxnexus_34200yc-smnexus_9516_switchceph_storagenexus_3600jboss_a-mqrun_once_duration_override_operatornexus_9000vnexus_3172nexus_3500sinec_nmsruggedcom_ape1808nexus_9336pq_acinexus_9316d-gxnexus_9800kong_gatewayadvanced_cluster_securitynexus_3548-x\/xlunified_contact_center_enterprise_-_live_data_serverultra_cloud_core_-_policy_control_functionbig-ip_next_service_proxy_for_kubernetesnexus_9232enexus_9808jboss_a-mq_streamsnexus_92304qciot_field_network_directornexus_9500_8-slotmigration_toolkit_for_applicationsnexus_3200solrjenkinsnginx_ingress_controllernexus_93180yc-exnexus_9372tx-e_switchnexus_93108tc-exnexus_9504_switchnexus_3524-x\/xlnexus_3548service_telemetry_frameworkenterprise_linuxn/aRUGGEDCOM APE1808SINEC NMSSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPhttpHTTP/2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-43767
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.44%
||
7 Day CHG~0.00%
Published-22 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Action-Not Available
Vendor-n/aApple Inc.F-Secure CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-linux_security_64server_securitylinux_kernelclient_securityelements_endpoint_protectionatlantwindowsmacosemail_and_server_securitylinux_protectionn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-42520
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.38%
||
7 Day CHG~0.00%
Published-18 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Action-Not Available
Vendor-n/aApple Inc.WithSecure CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-linux_security_64server_securitylinux_kernelclient_securityelements_endpoint_protectionatlantwindowsmacosemail_and_server_securitylinux_protectionn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-40692
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.06% / 18.75%
||
7 Day CHG~0.00%
Published-03 Dec, 2023 | 23:51
Updated-13 Feb, 2025 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. IBM X-Force ID: 264807.

Action-Not Available
Vendor-IBM Corporation
Product-db2Db2 for Linux, UNIX and Windows
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-41151
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.45% / 63.77%
||
7 Day CHG~0.00%
Published-14 Dec, 2023 | 00:00
Updated-22 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.

Action-Not Available
Vendor-softingn/aMicrosoft Corporation
Product-windowsopcsecure_integration_serveropc_ua_c\+\+_software_development_kitn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2023-39180
Matching Score-10
Assigner-Fedora Project
ShareView Details
Matching Score-10
Assigner-Fedora Project
CVSS Score-4||MEDIUM
EPSS-0.06% / 18.82%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 09:53
Updated-06 Aug, 2025 | 13:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: ksmbd: read request memory leak denial-of-service vulnerability

A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. An attacker can leverage this to create a denial-of-service condition on affected installations of Linux. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-38741
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 30.35%
||
7 Day CHG~0.00%
Published-14 Aug, 2023 | 17:19
Updated-09 Oct, 2024 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM TXSeries for Multiplatforms denial of service

IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, Inc
Product-txseries_for_multiplatformlinux_kernelhp-uxwindowsaixTXSeries for Multiplatformstxseries_for_multiplatforms
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-20661
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-6.65% / 91.35%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 17:57
Updated-03 Jun, 2025 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 Version 23H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1809Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2016 (Server Core installation)Windows Server 2008 Service Pack 2Windows 11 version 22H3Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2012 R2Windows 10 Version 1507Windows 11 version 22H2Windows Server 2012Windows Server 2008 R2 Service Pack 1Windows 10 Version 1607Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2016Windows 11 version 21H2
CWE ID-CWE-476
NULL Pointer Dereference
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-36038
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-8.2||HIGH
EPSS-8.22% / 92.33%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 21:35
Updated-09 Oct, 2025 | 00:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASP.NET Core Denial of Service Vulnerability

ASP.NET Core Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2022asp.net_core.netMicrosoft Visual Studio 2022 version 17.6ASP.NET Core 8.0Microsoft Visual Studio 2022 version 17.2Microsoft Visual Studio 2022 version 17.7Microsoft Visual Studio 2022 version 17.4.NET 8.0
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-35329
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.75% / 73.42%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Authentication Denial of Service Vulnerability

Windows Authentication Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012 R2Windows Server 2012Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-36606
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-49.77% / 97.86%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:07
Updated-14 Apr, 2025 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_11_21h2windows_10_22h2windows_server_2022windows_10windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 1607Windows Server 2008 Service Pack 2Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809Windows 10 Version 22H2Windows Server 2016Windows Server 2012 R2Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2019Windows 10 Version 21H2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-4046
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-1.11% / 78.46%
||
7 Day CHG~0.00%
Published-25 Mar, 2019 | 18:15
Updated-17 Sep, 2024 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. A remote attacker could exploit this vulnerability to cause the consumption of Memory. IBM X-Force ID: 156242.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_application_serverWebSphere Application Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2015-1916
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-1.00% / 77.31%
||
7 Day CHG+0.42%
Published-02 Jul, 2015 | 21:16
Updated-27 May, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider.

Action-Not Available
Vendor-n/aIBM Corporation
Product-javan/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-17360
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.53%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 17:39
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption.

Action-Not Available
Vendor-n/aOracle CorporationLinux Kernel Organization, IncHitachi, Ltd.Microsoft Corporation
Product-solarislinux_kernelinfrastructure_analytics_advisorwindowstuning_managerreplication_managerdevice_managertiered_storage_managern/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-42521
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.38%
||
7 Day CHG~0.00%
Published-18 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Action-Not Available
Vendor-n/aApple Inc.WithSecure CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-linux_security_64server_securitylinux_kernelclient_securityelements_endpoint_protectionatlantwindowsmacosemail_and_server_securitylinux_protectionn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-42523
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.38%
||
7 Day CHG~0.00%
Published-18 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Action-Not Available
Vendor-n/aApple Inc.WithSecure CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-linux_security_64server_securitylinux_kernelclient_securityelements_endpoint_protectionatlantwindowsmacosemail_and_server_securitylinux_protectionn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-42526
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.38%
||
7 Day CHG~0.00%
Published-18 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Action-Not Available
Vendor-n/aApple Inc.WithSecure CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-linux_security_64server_securitylinux_kernelclient_securityelements_endpoint_protectionatlantwindowsmacosemail_and_server_securitylinux_protectionn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-42522
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.38%
||
7 Day CHG~0.00%
Published-18 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Action-Not Available
Vendor-n/aApple Inc.WithSecure CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-linux_security_64server_securitylinux_kernelclient_securityelements_endpoint_protectionatlantwindowsmacosemail_and_server_securitylinux_protectionn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-38149
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-5.41% / 90.28%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 16:58
Updated-30 Oct, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows TCP/IP Denial of Service Vulnerability

Windows TCP/IP Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 11 version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 21H2Windows Server 2012 R2Windows 10 Version 1809Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2016
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-38162
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-6.89% / 91.52%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 16:58
Updated-30 Oct, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DHCP Server Service Denial of Service Vulnerability

DHCP Server Service Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_server_2016windows_server_2019windows_server_2022Windows Server 2022Windows Server 2019Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2012 R2Windows Server 2019 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2012 (Server Core installation)
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-38737
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.05% / 17.21%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 18:07
Updated-02 Oct, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM WebSphere Application Server Liberty denial of service

IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_application_serverWebSphere Application Server Liberty
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-38178
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-1.77% / 82.98%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 17:08
Updated-01 Jan, 2025 | 01:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
.NET Core and Visual Studio Denial of Service Vulnerability

.NET Core and Visual Studio Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2022.netMicrosoft Visual Studio 2022 version 17.2Microsoft Visual Studio 2022 version 17.4.NET 6.0
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-36703
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-8.00% / 92.21%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:07
Updated-14 Apr, 2025 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DHCP Server Service Denial of Service Vulnerability

DHCP Server Service Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_server_2022windows_server_2019windows_server_2008Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2Windows Server 2012 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022Windows Server 2012 R2Windows Server 2016Windows Server 2019Windows Server 2008 Service Pack 2 (Server Core installation)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-36579
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-6.83% / 91.48%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:07
Updated-14 Apr, 2025 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 1607Windows Server 2008 Service Pack 2Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809Windows 10 Version 22H2Windows Server 2016Windows Server 2012 R2Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2019Windows 10 Version 21H2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-35339
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-0.72% / 72.80%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows CryptoAPI Denial of Service Vulnerability

Windows CryptoAPI Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 10 Version 1507Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows Server 2016
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-36431
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-6.83% / 91.48%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:08
Updated-14 Apr, 2025 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 1607Windows Server 2008 Service Pack 2Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809Windows 10 Version 22H2Windows Server 2016Windows Server 2012 R2Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2019Windows 10 Version 21H2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-4183
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-1.14% / 78.73%
||
7 Day CHG~0.00%
Published-17 Sep, 2019 | 19:05
Updated-16 Sep, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of service attack that could allow a remote user to send specially crafted requests that would consume all available CPU and memory resources. IBM X-Force ID: 158973.

Action-Not Available
Vendor-IBM CorporationNetApp, Inc.
Product-cognos_analyticsoncommand_insightCognos Analytics
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-0400
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.06% / 20.07%
||
7 Day CHG~0.00%
Published-29 Aug, 2022 | 14:03
Updated-02 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelkernel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33129
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.45% / 87.72%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 23:26
Updated-28 Feb, 2025 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft SharePoint Server Denial of Service Vulnerability

Microsoft SharePoint Server Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sharepoint_serverMicrosoft SharePoint Server 2019Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Server Subscription Edition
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-28233
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-14.70% / 94.59%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 19:13
Updated-23 Jan, 2025 | 01:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Secure Channel Denial of Service Vulnerability

Windows Secure Channel Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_21h2windows_11_22h2windows_server_2022Windows Server 2022Windows 11 version 21H2Windows 11 version 22H2
CVE-2023-3338
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-7.72% / 92.05%
||
7 Day CHG~0.00%
Published-30 Jun, 2023 | 00:00
Updated-05 Mar, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Crash due to a null pointer dereference in the dn_nsp_send function

A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system.

Action-Not Available
Vendor-n/aDebian GNU/LinuxNetApp, Inc.Fedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kerneldebian_linuxactive_iq_unified_managerRed Hat Enterprise Linux 8FedoraRed Hat Enterprise Linux 7Red Hat Enterprise Linux 9kernelRed Hat Enterprise Linux 6
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-33167
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.77%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33168
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.77%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33164
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.77%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:03
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33169
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.77%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33173
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.77%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33166
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.77%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-126
Buffer Over-read
CVE-2023-32011
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.32% / 87.49%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 23:26
Updated-01 Jan, 2025 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows iSCSI Discovery Service Denial of Service Vulnerability

Windows iSCSI Discovery Service Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32248
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 30.10%
||
7 Day CHG~0.00%
Published-24 Jul, 2023 | 15:19
Updated-02 Aug, 2024 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tree connection null pointer dereference denial-of-service vulnerability

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelh500sh410sh410ch300sh700sRed Hat Enterprise Linux 9kernelRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Fedora
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-1838
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 43.32%
||
7 Day CHG~0.00%
Published-03 May, 2025 | 18:23
Updated-28 Aug, 2025 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Cloud Pak for Business Automation denial of service

IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows an authenticated user to bypass client-side data validation in an authoring user interface which could cause a denial of service.

Action-Not Available
Vendor-IBM Corporation
Product-cloud_pak_for_business_automationCloud Pak for Business Automation
CWE ID-CWE-602
Client-Side Enforcement of Server-Side Security
CVE-2023-32045
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.06% / 86.93%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-28 Feb, 2025 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32084
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-5.43% / 90.30%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:03
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HTTP.sys Denial of Service Vulnerability

HTTP.sys Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1809windows_11_22h2windows_11_21h2windows_server_2022windows_server_2019Windows Server 2022Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows 11 version 21H2Windows Server 2019
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-32034
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.77%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32030
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-4.97% / 89.83%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 14:52
Updated-01 Jan, 2025 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
.NET and Visual Studio Denial of Service Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_1607windows_11_22h2.net_frameworkwindows_server_2019windows_server_2008Microsoft .NET Framework 3.5 AND 4.8Microsoft .NET Framework 4.8Microsoft .NET Framework 3.5 AND 4.8.1Microsoft .NET Framework 3.5Microsoft .NET Framework 3.5.1Microsoft .NET Framework 4.6.2Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 and 4.6.2Microsoft .NET Framework 3.5 AND 4.7.2
CVE-2023-32247
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.34%
||
7 Day CHG~0.00%
Published-24 Jul, 2023 | 15:19
Updated-27 Aug, 2024 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Session setup memory exhaustion denial-of-service vulnerability

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelh500sh410sh300sh700sRed Hat Enterprise Linux 9kernelRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Fedora
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-32044
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.06% / 86.93%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-28 Feb, 2025 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32035
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.77%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 48
  • 49
  • Next
Details not found