The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.
This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A remote attacker may be able to cause a denial-of-service.
A logic issue was addressed with improved file handling. This issue is fixed in visionOS 1.2. Processing web content may lead to a denial-of-service.
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
Microsoft QUIC Denial of Service Vulnerability
DHCP Server Service Denial of Service Vulnerability
Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider.
DHCP Server Service Denial of Service Vulnerability
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. A remote attacker could exploit this vulnerability to cause the consumption of Memory. IBM X-Force ID: 156242.
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap.
.NET and Visual Studio Denial of Service Vulnerability
.NET Denial of Service Vulnerability
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue.
Windows DNS Client Denial of Service Vulnerability
.NET Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.
.NET and Visual Studio Denial of Service Vulnerability
An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a temporary log location and consume all disk space on affected installations.
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4251.
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability
Microsoft Defender Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.
IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application Server 9.0, and 8.5 and WebSphere Application Server Liberty are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables.
The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated connections from clients with the same IP.
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.
Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny service over a network.
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
IP Helper Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption. IBM X-Force ID: 193659.