Search
Total
2614 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0775 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a crafted request, related to the nodeagent and Deployment Manager components. | |||||
| CVE-2010-0577 | 1 Cisco | 1 Ios | 2017-08-17 | 7.1 HIGH | N/A |
| Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186. | |||||
| CVE-2010-1917 | 1 Php | 1 Php | 2017-08-17 | 5.0 MEDIUM | N/A |
| Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string. | |||||
| CVE-2010-1098 | 1 Microsoft | 2 Windows Vista, Windows Xp | 2017-08-17 | 7.1 HIGH | N/A |
| The ANI parser in Microsoft Windows before 7 on the x86 platform, as used in Internet Explorer and other applications, allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted biClrUsed value in the BITMAPINFO header of a .ANI file. | |||||
| CVE-2010-2941 | 1 Apple | 1 Cups | 2017-08-17 | 7.9 HIGH | N/A |
| ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | |||||
| CVE-2010-2225 | 1 Php | 1 Php | 2017-08-17 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function. | |||||
| CVE-2010-2534 | 1 Openttd | 1 Openttd | 2017-08-17 | 5.0 MEDIUM | N/A |
| The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted request, related to the client command queue. | |||||
| CVE-2010-2638 | 1 Ibm | 1 Websphere Mq | 2017-08-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 allows remote authenticated users to cause a denial of service (disk consumption) via vectors that trigger an FDC with an RM680004 Probe Id value. | |||||
| CVE-2010-2813 | 1 Squirrelmail | 1 Squirrelmail | 2017-08-17 | 5.0 MEDIUM | N/A |
| functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files. | |||||
| CVE-2010-0780 | 1 Ibm | 1 Websphere Mq | 2017-08-17 | 4.3 MEDIUM | N/A |
| IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a denial of service (disk consumption) via multiple connection attempts to a stopped queue manager. | |||||
| CVE-2010-0770 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 4.0 MEDIUM | N/A |
| IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote authenticated users to cause a denial of service (ORB ListenerThread hang) by aborting an SSL handshake. | |||||
| CVE-2010-0583 | 1 Cisco | 1 Ios | 2017-08-17 | 7.8 HIGH | N/A |
| Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855. | |||||
| CVE-2010-1677 | 1 Mhonarc | 1 Mhonarc | 2017-08-17 | 5.0 MEDIUM | N/A |
| MHonArc 2.6.16 allows remote attackers to cause a denial of service (CPU consumption) via start tags that are placed within other start tags, as demonstrated by a <bo<bo<bo<bo<body>dy>dy>dy>dy> sequence, a different vulnerability than CVE-2010-4524. | |||||
| CVE-2010-0295 | 1 Lighttpd | 1 Lighttpd | 2017-08-17 | 5.0 MEDIUM | N/A |
| lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate. | |||||
| CVE-2009-3933 | 2 Google, Webkit | 2 Chrome, Webkit | 2017-08-17 | 5.0 MEDIUM | N/A |
| WebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers an incompatibility between the WTF::currentTime and base::Time functions. | |||||
| CVE-2009-5040 | 1 Cisco | 1 Ios | 2017-08-17 | 6.8 MEDIUM | N/A |
| CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555. | |||||
| CVE-2009-4875 | 1 Frederico Caldeira Knabben | 1 Fckeditor.java | 2017-08-17 | 5.0 MEDIUM | N/A |
| FCKeditor.Java 2.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed request parameter that contains "ctrl" characters. | |||||
| CVE-2009-5034 | 1 Ibm | 1 Lotus Notes Traveler | 2017-08-17 | 4.0 MEDIUM | N/A |
| IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated users to cause a denial of service (memory consumption and daemon crash) by syncing a large volume of data, related to the launch of a new process to handle the data while the previous process is still operating on the data. | |||||
| CVE-2009-3104 | 1 Symantec | 4 Antivirus, Client Security, Norton Antivirus and 1 more | 2017-08-17 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors. | |||||
| CVE-2009-1711 | 1 Apple | 1 Safari | 2017-08-17 | 9.3 HIGH | N/A |
| WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document. | |||||
| CVE-2009-0749 | 1 Cosmin Truta | 1 Optipng | 2017-08-17 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed. | |||||
| CVE-2009-0870 | 1 Sun | 2 Opensolaris, Solaris | 2017-08-17 | 4.7 MEDIUM | N/A |
| The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. | |||||
| CVE-2009-0878 | 1 Wesnoth | 1 Wesnoth | 2017-08-17 | 5.0 MEDIUM | N/A |
| The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height. | |||||
| CVE-2009-0924 | 1 Sun | 2 Opensolaris, Solaris | 2017-08-17 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712. | |||||
| CVE-2009-0925 | 1 Sun | 2 Opensolaris, Solaris | 2017-08-17 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723. | |||||
| CVE-2009-0926 | 1 Sun | 2 Opensolaris, Solaris | 2017-08-17 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732. | |||||
| CVE-2009-0935 | 1 Linux | 1 Linux Kernel | 2017-08-17 | 4.7 MEDIUM | N/A |
| The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance. | |||||
| CVE-2009-1858 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-08-17 | 9.3 HIGH | N/A |
| The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. | |||||
| CVE-2009-2108 | 1 Git | 1 Git | 2017-08-17 | 5.0 MEDIUM | N/A |
| git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments. | |||||
| CVE-2009-2190 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | 7.8 HIGH | N/A |
| launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to cause a denial of service (individual service outage) by making many connections to an inetd-based launchd service. | |||||
| CVE-2009-2214 | 1 Citrix | 1 Secure Gateway | 2017-08-17 | 5.0 MEDIUM | N/A |
| The Secure Gateway service in Citrix Secure Gateway 3.1 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an unspecified request. | |||||
| CVE-2009-2419 | 1 Apple | 1 Safari | 2017-08-17 | 4.3 MEDIUM | N/A |
| Use-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted HTML document that references a zero-length .js file and the JavaScript reload function. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-2651 | 1 Digium | 1 Asterisk | 2017-08-17 | 5.0 MEDIUM | N/A |
| main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote attackers to cause a denial of service (crash) via an RTP text frame without a certain delimiter, which triggers a NULL pointer dereference and the subsequent calculation of an invalid pointer. | |||||
| CVE-2009-2803 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | 6.8 MEDIUM | N/A |
| CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. | |||||
| CVE-2009-2966 | 1 Kaspersky | 2 Kaspersky Anti-virus, Kaspersky Internet Security | 2017-08-17 | 4.3 MEDIUM | N/A |
| avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters. | |||||
| CVE-2008-6141 | 1 Avaya | 1 Ip Soft Phone | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 allows remote attackers to cause a denial of service (crash) via a large amount of H.323 data. | |||||
| CVE-2008-7127 | 1 Microfocus | 1 Visibroker | 2017-08-17 | 5.0 MEDIUM | N/A |
| osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled. | |||||
| CVE-2008-7129 | 1 Xyssl | 1 Xyssl | 2017-08-17 | 5.0 MEDIUM | N/A |
| XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification. | |||||
| CVE-2009-0635 | 1 Cisco | 1 Ios | 2017-08-17 | 7.1 HIGH | N/A |
| Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets. | |||||
| CVE-2008-7094 | 1 Unica | 1 Affinium Campaign | 2017-08-17 | 5.0 MEDIUM | N/A |
| Campaign/CampaignListener in the listener server in Unica Affinium Campaign 7.2.1.0.55 allows remote attackers to cause a denial of service (server crash) via a crafted length field that triggers (1) connection exhaustion or (2) memory allocation failure. | |||||
| CVE-2016-1466 | 1 Cisco | 1 Unified Communications Manager Im And Presence Service | 2017-08-16 | 7.8 HIGH | 7.5 HIGH |
| Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1) allows remote attackers to cause a denial of service (sipd process restart) via crafted headers in a SIP packet, aka Bug ID CSCva39072. | |||||
| CVE-2016-6595 | 1 Docker | 1 Docker | 2017-08-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| ** DISPUTED ** The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At some point the manager obviously stops being able to accept new nodes, since it runs out of memory. Given that both for Docker swarm and for Docker Swarmkit nodes are *required* to provide a secret token (it's actually the only mode of operation), this means that no adversary can simply join nodes and exhaust manager resources. We can't do anything about a manager running out of memory and not being able to add new legitimate nodes to the system. This is merely a resource provisioning issue, and definitely not a CVE worthy vulnerability." | |||||
| CVE-2016-5427 | 1 Powerdns | 1 Authoritative | 2017-08-13 | 5.0 MEDIUM | 7.5 HIGH |
| PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query. | |||||
| CVE-2016-1469 | 1 Cisco | 4 Spa300 Series Ip Phone, Spa300 Series Ip Phone Firmware, Spa500 Series Ip Phone and 1 more | 2017-08-13 | 7.8 HIGH | 7.5 HIGH |
| The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385. | |||||
| CVE-2016-5426 | 1 Powerdns | 1 Authoritative | 2017-08-13 | 5.0 MEDIUM | 7.5 HIGH |
| PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname. | |||||
| CVE-2008-5181 | 1 Microsoft | 1 Office Communicator | 2017-08-08 | 5.0 MEDIUM | N/A |
| Microsoft Communicator allows remote attackers to cause a denial of service (application or device outage) via instant messages containing large numbers of emoticons. | |||||
| CVE-2008-6000 | 1 Gdata | 3 Antivirus 2008, Internetsecurity 2008, Totalcare 2008 | 2017-08-08 | 7.2 HIGH | N/A |
| The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service (system crash) or gain privileges via a crafted IOCTL request, as demonstrated by execution of the KeSetEvent function with modified register contents. | |||||
| CVE-2008-5661 | 1 Sun | 2 Opensolaris, Solaris | 2017-08-08 | 5.4 MEDIUM | N/A |
| The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference. | |||||
| CVE-2008-6024 | 1 Sun | 2 Opensolaris, Solaris | 2017-08-08 | 5.4 MEDIUM | N/A |
| Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors. | |||||
| CVE-2008-5620 | 1 Roundcube | 1 Webmail | 2017-08-08 | 7.8 HIGH | N/A |
| RoundCube Webmail (roundcubemail) before 0.2-beta allows remote attackers to cause a denial of service (memory consumption) via crafted size parameters that are used to create a large quota image. | |||||