Total
2696 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1165 | 1 Openssl | 1 Openssl | 2018-01-13 | 5.0 MEDIUM | N/A |
| The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. | |||||
| CVE-2012-0359 | 1 Cisco | 2 Cius, Cius Software | 2018-01-11 | 7.8 HIGH | N/A |
| The Cisco Cius with software before 9.2(1) SR2 allows remote attackers to cause a denial of service (device crash or hang) via malformed network traffic, aka Bug ID CSCto71445. | |||||
| CVE-2012-0452 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2018-01-10 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding. | |||||
| CVE-2011-1675 | 1 Linux | 1 Util-linux | 2018-01-10 | 3.3 LOW | N/A |
| mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. | |||||
| CVE-2011-1394 | 1 Ibm | 6 Maximo Asset Management, Maximo Asset Management Essentials, Maximo Service Desk and 3 more | 2018-01-10 | 5.0 MEDIUM | N/A |
| IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allow remote attackers to cause a denial of service (memory consumption) by establishing many UI sessions within one HTTP session. | |||||
| CVE-2011-1385 | 1 Ibm | 2 Aix, Vios | 2018-01-10 | 7.8 HIGH | N/A |
| IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194. | |||||
| CVE-2007-6750 | 1 Apache | 1 Http Server | 2018-01-10 | 5.0 MEDIUM | N/A |
| The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15. | |||||
| CVE-2013-2147 | 2 Linux, Suse | 2 Linux Kernel, Linux Enterprise Server | 2018-01-09 | 2.1 LOW | N/A |
| The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. | |||||
| CVE-2012-0789 | 1 Php | 1 Php | 2018-01-09 | 5.0 MEDIUM | N/A |
| Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache. | |||||
| CVE-2012-0781 | 1 Php | 1 Php | 2018-01-09 | 5.0 MEDIUM | N/A |
| The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153. | |||||
| CVE-2012-1558 | 1 Yassl | 1 Cyassl | 2018-01-06 | 5.0 MEDIUM | N/A |
| yaSSL CyaSSL before 2.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted X.509 certificate. | |||||
| CVE-2010-1675 | 1 Quagga | 1 Quagga | 2018-01-06 | 5.0 MEDIUM | N/A |
| bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute. | |||||
| CVE-2016-2116 | 2 Canonical, Jasper Project | 2 Ubuntu Linux, Jasper | 2018-01-05 | 4.3 MEDIUM | 5.7 MEDIUM |
| Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file. | |||||
| CVE-2015-8877 | 2 Libgd, Php | 2 Libgd, Php | 2018-01-05 | 5.0 MEDIUM | 7.5 HIGH |
| The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. | |||||
| CVE-2015-8786 | 2 Oracle, Pivotal Software | 2 Solaris, Rabbitmq | 2018-01-05 | 6.8 MEDIUM | 6.5 MEDIUM |
| The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter. | |||||
| CVE-2015-5366 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux Server Aus | 2018-01-05 | 5.0 MEDIUM | N/A |
| The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364. | |||||
| CVE-2014-8117 | 4 Canonical, File Project, Freebsd and 1 more | 4 Ubuntu Linux, File, Freebsd and 1 more | 2018-01-05 | 5.0 MEDIUM | N/A |
| softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. | |||||
| CVE-2014-8116 | 4 Canonical, File Project, Freebsd and 1 more | 4 Ubuntu Linux, File, Freebsd and 1 more | 2018-01-05 | 5.0 MEDIUM | N/A |
| The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. | |||||
| CVE-2012-1940 | 1 Mozilla | 5 Firefox, Firefox Esr, Seamonkey and 2 more | 2018-01-05 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column. | |||||
| CVE-2012-1601 | 1 Linux | 1 Linux Kernel | 2018-01-05 | 4.9 MEDIUM | N/A |
| The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists. | |||||