Total
2706 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9854 | 4 Canonical, Imagemagick, Opensuse and 1 more | 7 Ubuntu Linux, Imagemagick, Leap and 4 more | 2025-04-20 | 7.5 High |
| coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." | ||||
| CVE-2016-9225 | 1 Cisco | 1 Asa Cx Context-aware Security Software | 2025-04-20 | N/A |
| A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. This vulnerability affects all versions of the ASA CX Context-Aware Security module. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Bug IDs: CSCva62946. | ||||
| CVE-2014-9637 | 4 Canonical, Fedoraproject, Gnu and 1 more | 4 Ubuntu Linux, Fedora, Patch and 1 more | 2025-04-20 | N/A |
| GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. | ||||
| CVE-2014-6438 | 1 Ruby-lang | 1 Ruby | 2025-04-20 | N/A |
| The URI.decode_www_form_component method in Ruby before 1.9.2-p330 allows remote attackers to cause a denial of service (catastrophic regular expression backtracking, resource consumption, or application crash) via a crafted string. | ||||
| CVE-2014-3221 | 1 Huawei | 2 Eudemon8000e, Eudemon8000e Firmware | 2025-04-20 | N/A |
| Huawei Eudemon8000E firewall with software V200R001C01SPC800 and earlier versions allows users to log in to the device using Telnet or SSH. When an attacker sends to the device a mass of TCP packets with special structure, the logging process becomes slow and users may be unable to log in to the device. | ||||
| CVE-2014-3224 | 1 Huawei | 14 Quidway S5300, Quidway S5300 Firmware, Quidway S5700 and 11 more | 2025-04-20 | N/A |
| Huawei Quidway S9700 V200R003C00SPC500, Quidway S9300 V200R003C00SPC500, Quidway S7700 V200R003C00SPC500, Quidway S6700 V200R003C00SPC300, Quidway S6300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300 enable attackers to launch DoS attacks by crafting and sending malformed packets to these vulnerable products. | ||||
| CVE-2017-12355 | 1 Cisco | 1 Ios Xr | 2025-04-20 | N/A |
| A vulnerability in the Local Packet Transport Services (LPTS) ingress frame-processing functionality of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause one of the LPTS processes on an affected system to restart unexpectedly, resulting in a brief denial of service (DoS) condition. The vulnerability is due to incomplete LPTS frame validation by the affected software. An attacker could exploit this vulnerability by sending crafted XML requests to the management interface of an affected system. A successful exploit could allow the attacker to cause one of the LPTS processes on the affected system to restart unexpectedly, which would impact LPTS traffic and cause a brief DoS condition while the process restarts. Cisco Bug IDs: CSCvf76332. | ||||
| CVE-2017-12360 | 1 Cisco | 1 Webex Meeting Center | 2025-04-20 | N/A |
| A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by providing a user with a malicious WRF file via email or URL and convincing the user to open the file. A successful exploit could cause an affected player to crash, resulting in a DoS condition. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, and Cisco WebEx WRF players. Cisco Bug IDs: CSCve30294, CSCve30301. | ||||
| CVE-2012-0880 | 1 Apache | 1 Xerces-c\+\+ | 2025-04-20 | N/A |
| Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions. | ||||
| CVE-2012-0881 | 1 Apache | 1 Xerces2 Java | 2025-04-20 | N/A |
| Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions. | ||||
| CVE-2012-6697 | 2 Debian, Inspire Ircd | 2 Debian Linux, Inspircd | 2025-04-20 | N/A |
| InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop). | ||||
| CVE-2010-5329 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| The video_usercopy function in drivers/media/video/v4l2-ioctl.c in the Linux kernel before 2.6.39 relies on the count value of a v4l2_ext_controls data structure to determine a kmalloc size, which might allow local users to cause a denial of service (memory consumption) via a large value. | ||||
| CVE-2011-4650 | 1 Cisco | 1 Data Center Network Manager | 2025-04-20 | N/A |
| Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then the CPU utilization increases. Known Affected Releases: 5.2(1). Known Fixed Releases: 6.0(0)SL1(0.14) 5.2(2.73)S0. Product identification: CSCtt15295. | ||||
| CVE-2017-6613 | 1 Cisco | 1 Prime Network Registrar | 2025-04-20 | N/A |
| A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete DNS packet header validation when the packet is received by the application. An attacker could exploit this vulnerability by sending a malformed DNS packet to the application. An exploit could allow the attacker to cause the DNS process to restart, which could lead to a DoS condition. This vulnerability affects Cisco Prime Network Registrar on all software versions prior to 8.3.5. Cisco Bug IDs: CSCvb55412. | ||||
| CVE-2017-6630 | 1 Cisco | 2 Ip Phone 8800 Series Firmware, Ip Phone 8851 | 2025-04-20 | N/A |
| A vulnerability in the Session Initiation Protocol (SIP) implementation of Cisco IP Phone 8851 11.0(0.1) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to an abnormal SIP message. An attacker could exploit this vulnerability by manipulating the CANCEL packet. An exploit could allow the attacker to cause a disruption of service to the phone. Cisco Bug IDs: CSCvc34795. | ||||
| CVE-2022-43382 | 1 Ibm | 2 Aix, Vios | 2025-04-16 | 6.2 Medium |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a local user with elevated privileges to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 238641. | ||||
| CVE-2022-43380 | 1 Ibm | 2 Aix, Vios | 2025-04-15 | 6.2 Medium |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX NFS kernel extension to cause a denial of service. IBM X-Force ID: 238640. | ||||
| CVE-2022-43381 | 1 Ibm | 2 Aix, Vios | 2025-04-15 | 6.2 Medium |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 238639. | ||||
| CVE-2014-7824 | 4 Canonical, Debian, Freedesktop and 1 more | 4 Ubuntu Linux, Debian Linux, Dbus and 1 more | 2025-04-12 | N/A |
| D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3636.1. | ||||
| CVE-2015-1076 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | ||||