Search Results (2713 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-0963 1 Ibm 2 Security Access Manager For Web Appliance, Security Access Manager For Web Software 2025-04-12 N/A
The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.
CVE-2014-8567 2 Redhat, Uninett 8 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more 2025-04-12 N/A
The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.
CVE-2015-5312 6 Apple, Canonical, Debian and 3 more 15 Iphone Os, Mac Os X, Tvos and 12 more 2025-04-12 N/A
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVE-2016-6622 1 Phpmyadmin 1 Phpmyadmin 2025-04-12 N/A
An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
CVE-2014-6363 1 Microsoft 2 Internet Explorer, Vbscript 2025-04-12 N/A
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
CVE-2014-8714 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-12 N/A
The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
CVE-2014-2730 1 Microsoft 1 Office 2025-04-12 N/A
The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption and persistent application hang) via a crafted XML document containing a large number of nested entity references, as demonstrated by a crafted text/plain e-mail message to Outlook, a similar issue to CVE-2003-1564.
CVE-2015-2221 2 Canonical, Clamav 2 Ubuntu Linux, Clamav 2025-04-12 N/A
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
CVE-2016-6381 1 Cisco 6 Ios, Ios Xe, Ios Xe 16.1 and 3 more 2025-04-12 N/A
Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service (memory consumption or device reload) via fragmented IKEv1 packets, aka Bug ID CSCuy47382.
CVE-2016-6382 1 Cisco 2 Ios, Ios Xe 2025-04-12 N/A
Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow remote attackers to cause a denial of service (device restart) via a malformed IPv6 Protocol Independent Multicast (PIM) register packet, aka Bug ID CSCuy16399.
CVE-2016-6632 1 Phpmyadmin 1 Phpmyadmin 2025-04-12 N/A
An issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
CVE-2016-2116 3 Canonical, Jasper Project, Redhat 3 Ubuntu Linux, Jasper, Enterprise Linux 2025-04-12 N/A
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
CVE-2014-3353 1 Cisco 1 Ios Xr 2025-04-12 N/A
Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.
CVE-2016-6385 1 Cisco 2 Ios, Ios Xe 2025-04-12 N/A
Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.
CVE-2016-1344 7 Cisco, Lenovo, Netgear and 4 more 7 Ios Xe, Thinkcentre E75s Firmware, Jr6150 Firmware and 4 more 2025-04-12 N/A
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.
CVE-2016-1269 1 Juniper 1 Junos 2025-04-12 N/A
Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R9, 13.2X51 before 13.2X51-D39, 13.3 before 13.3R8, 14.1 before 14.1R6, 14.1X53 before 14.1X53-D30, 14.2 before 14.2R4-S1, 15.1 before 15.1R2, 15.1X49 before 15.1X49-D30, and 16.1 before 16.1R1 allow remote attackers to cause a denial of service (socket consumption) via crafted TCP timestamps.
CVE-2014-3507 2 Openssl, Redhat 3 Openssl, Enterprise Linux, Storage 2025-04-12 N/A
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
CVE-2016-1546 2 Apache, Redhat 2 Http Server, Rhel Software Collections 2025-04-12 N/A
The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service (stream-processing outage) via modified flow-control windows.
CVE-2015-0751 1 Cisco 2 Ip Phone 7861, Unified Communications Manager 2025-04-12 N/A
Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows remote attackers to cause a denial of service via crafted packets, aka Bug ID CSCus81800.
CVE-2016-6508 1 Wireshark 1 Wireshark 2025-04-12 N/A
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.