Search Results (2713 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4914 1 Cisco 1 Asa 5580 2025-04-11 N/A
Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879.
CVE-2010-4669 1 Microsoft 5 Windows 2003 Server, Windows 7, Windows Server 2008 and 2 more 2025-04-11 N/A
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package.
CVE-2006-7244 1 Libpng 1 Libpng 2025-04-11 N/A
Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length.
CVE-2010-4707 2 Linux-pam, Redhat 2 Linux-pam, Enterprise Linux 2025-04-11 N/A
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.
CVE-2010-1460 1 Ibm 2 Advanced Management Module, Bladecenter 2025-04-11 N/A
The IBM BladeCenter with Advanced Management Module (AMM) firmware before bpet50g does not properly perform interrupt sharing for USB and iSCSI, which allows remote attackers to cause a denial of service (management module reboot) via TCP packets with malformed application data.
CVE-2011-0430 1 Openafs 1 Openafs 2025-04-11 N/A
Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors.
CVE-2011-0445 1 Wireshark 1 Wireshark 2025-04-11 N/A
The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.
CVE-2011-0492 1 Tor 1 Tor 2025-04-11 N/A
Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file.
CVE-2011-0534 2 Apache, Redhat 3 Tomcat, Enterprise Linux, Jboss Enterprise Web Server 2025-04-11 N/A
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
CVE-2011-0612 1 Adobe 1 Flash Media Server 2025-04-11 N/A
Adobe Flash Media Server (FMS) before 3.5.6, and 4.x before 4.0.2, allows remote attackers to cause a denial of service (XML data corruption) via unspecified vectors.
CVE-2011-1174 1 Digium 1 Asterisk 2025-04-11 N/A
manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x before 1.6.2.17.2, and 1.8.x before 1.8.3.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a series of manager sessions involving invalid data.
CVE-2011-1238 1 Microsoft 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more 2025-04-11 N/A
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability."
CVE-2011-4137 1 Djangoproject 1 Django 2025-04-11 N/A
The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service (resource consumption) via a URL associated with (1) a slow response, (2) a completed TCP connection with no application data sent, or (3) a large amount of application data, a related issue to CVE-2011-1521.
CVE-2011-1267 1 Microsoft 3 Windows 7, Windows Server 2008, Windows Vista 2025-04-11 N/A
The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 request, aka "SMB Request Parsing Vulnerability."
CVE-2011-1318 1 Ibm 1 Websphere Application Server 2025-04-11 N/A
Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted.
CVE-2011-1322 1 Ibm 1 Websphere Application Server 2025-04-11 N/A
The SOAP with Attachments API for Java (SAAJ) implementation in the Web Services component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via encrypted SOAP messages.
CVE-2011-1385 1 Ibm 2 Aix, Vios 2025-04-11 N/A
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194.
CVE-2011-3263 1 Zabbix 1 Zabbix 2025-04-11 N/A
zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows context-dependent attackers to cause a denial of service (CPU consumption) by executing the vfs.file.cksum command for a special device, as demonstrated by the /dev/urandom device.
CVE-2011-1747 1 Linux 1 Linux Kernel 2025-04-11 N/A
The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not properly restrict memory allocation by the (1) AGPIOC_RESERVE and (2) AGPIOC_ALLOCATE ioctls, which allows local users to cause a denial of service (memory consumption) by making many calls to these ioctls.
CVE-2011-1779 1 Freebsd 1 Libarchive 2025-04-11 N/A
Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted (1) TAR archive or (2) ISO9660 image.