CVE-2021-40439

Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a "Billion Laughs" entity expansion denial of service attack and exploit via crafted XML files. ODF files consist of a set of XML files. All versions of Apache OpenOffice up to 4.1.10 are subject to this issue. expat in version 4.1.11 is patched. (CVSS:0.0) (Terminal Update:2021-10-07)

2021-10-06T20:00:00-04:00October 6th, 2021|Denial of Service|

CVE-2021-42084

An issue was discovered in Zammad before 4.1.1. An attacker with valid agent credentials may send a series of crafted requests that cause an endless loop and thus cause denial of service. (CVSS:0.0) (Concluding Update:2021-10-07)

2021-10-06T20:00:00-04:00October 6th, 2021|Denial of Service|

CVE-2021-0687

In ellipsize of Layout.java, there is a feasible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-188913943 (CVSS:0.0) (Concluding Update:2021-10-06)

2021-10-05T20:00:00-04:00October 5th, 2021|Denial of Service|

CVE-2021-25471

A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion. (CVSS:0.0) (Terminal Update:2021-10-06)

2021-10-05T20:00:00-04:00October 5th, 2021|Denial of Service|

CVE-2021-25477

An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service. (CVSS:0.0) (Last Update:2021-10-06)

2021-10-05T20:00:00-04:00October 5th, 2021|Denial of Service|

CVE-2021-25480

A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection. (CVSS:0.0) (Terminal Update:2021-10-06)

2021-10-05T20:00:00-04:00October 5th, 2021|Denial of Service|

CVE-2021-34698

A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) precondition on an affected device. This vulnerability is owed to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a immense number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing recently created connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation. (CVSS:0.0) (Closing Update:2021-10-06)

2021-10-05T20:00:00-04:00October 5th, 2021|Denial of Service|

CVE-2021-39880

A Denial Of Service vulnerability in the apollo_upload_server Ruby gem in GitLab CE/EE version 11.11 and above allows an attacker to deny admittance to all users via specially crafted requests to the apollo_upload_server middleware. (CVSS:0.0) (Terminal Update:2021-10-05)

2021-10-04T20:00:00-04:00October 4th, 2021|Denial of Service|

CVE-2021-41118

The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. In affected versions unsanitised input of regular expression date within the parameters of the DPL parser function, allowed for the possibility of ReDoS (Regex Denial of Service). This has been resolved in version 3.3.6. If you are unable to update you may also set `$wgDplSettings['functionalRichness'] = 0;` or disable DynamicPageList3 to mitigate. (CVSS:0.0) (Terminal Update:2021-10-04)

2021-10-03T20:00:00-04:00October 3rd, 2021|Denial of Service|

CVE-2021-23446

The package handsontable before 10.0.0; the package handsontable from 0 and before 10.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) in Handsontable.helper.isNumeric function. (CVSS:0.0) (Last Update:2021-09-29)

2021-09-28T20:00:00-04:00September 28th, 2021|Denial of Service|
Go to Top