Total
2704 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-1967 | 1 Cisco | 92 Mds 9000, Mds 9100, Mds 9140 and 89 more | 2024-09-16 | 7.5 High |
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default. | ||||
CVE-2011-1313 | 1 Ibm | 1 Websphere Application Server | 2024-09-16 | N/A |
Double free vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote backend IIOP servers to cause a denial of service (S0C4 ABEND and storage corruption) by rejecting IIOP requests at opportunistic time instants, as demonstrated by requests associated with an ORB_Request::getACRWorkElementPtr function call. | ||||
CVE-2010-2836 | 1 Cisco | 1 Ios | 2024-09-16 | N/A |
Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685. | ||||
CVE-2012-2970 | 1 Synel | 1 Sy-780\/a Time \& Attendance Terminal | 2024-09-16 | N/A |
The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735. | ||||
CVE-2013-6801 | 1 Microsoft | 2 Windows Xp, Word | 2024-09-16 | N/A |
Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed .doc file containing an embedded image, as demonstrated by word2003forkbomb.doc, related to a "fork bomb" issue. | ||||
CVE-2013-3627 | 1 Mcafee | 1 Agent | 2024-09-16 | N/A |
FrameworkService.exe in McAfee Framework Service in McAfee Managed Agent (MA) before 4.5.0.1927 and 4.6 before 4.6.0.3258 allows remote attackers to cause a denial of service (service crash) via a malformed HTTP request. | ||||
CVE-2010-4787 | 1 Ibm | 1 Tivoli Directory Server | 2024-09-16 | N/A |
IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon hang) via a paged search that triggers improper mutex processing. | ||||
CVE-2012-2426 | 1 Xarrow | 1 Xarrow | 2024-09-16 | N/A |
The server in xArrow before 3.4.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors. | ||||
CVE-2011-1821 | 2 Ibm, Microsoft | 2 Tivoli Directory Server, Windows | 2024-09-16 | N/A |
IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010 on Windows allows remote authenticated users to cause a denial of service (daemon hang) via a cn=changelog search. | ||||
CVE-2008-7201 | 1 Lantronix | 1 Mss485-t | 2024-09-16 | N/A |
Lantronix MSS485-T allows remote attackers to cause a denial of service (unstable performance and service loss) via certain vulnerability scans, as demonstrated using (1) Nessus and (2) nmap. | ||||
CVE-2019-16022 | 1 Cisco | 28 Asr 9000v, Asr 9001, Asr 9006 and 25 more | 2024-09-16 | 8.6 High |
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer. | ||||
CVE-2012-4703 | 1 Emerson | 3 Deltav Se3006 Sd Plus Controller, Deltav Ve3005 Controller Md, Deltav Ve3006 Controller Md Plus | 2024-09-16 | N/A |
The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 and 11.x through 11.3.1, and DeltaV VE3006 through 10.3.1 and 11.x through 11.3.1 allow remote attackers to cause a denial of service (device restart) via a crafted packet on (1) TCP port 23, (2) UDP port 161, or (3) TCP port 513. | ||||
CVE-2011-2619 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a gradient with many stops, related to the implementation of CANVAS elements, SVG, and Cascading Style Sheets (CSS). | ||||
CVE-2011-1515 | 1 Hp | 1 Openview Storage Data Protector | 2024-09-16 | N/A |
The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (daemon exit) via a request containing crafted parameters. | ||||
CVE-2010-4785 | 4 Ibm, Linux, Microsoft and 1 more | 4 Tivoli Directory Server, Linux Kernel, Windows and 1 more | 2024-09-16 | N/A |
The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID. | ||||
CVE-2013-5750 | 1 Friends Of Symfony Project | 1 Fosuserbundle | 2024-09-16 | N/A |
The login form in the FriendsOfSymfony FOSUserBundle bundle before 1.3.3 for Symfony allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation, as demonstrated by a PBKDF2 computation. | ||||
CVE-2011-2614 | 1 Opera | 1 Opera Browser | 2024-09-16 | N/A |
The SVG implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving a path on which many characters are drawn. | ||||
CVE-2012-0330 | 1 Cisco | 2 Telepresence System Software, Telepresence Video Communication Server | 2024-09-16 | N/A |
Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426. | ||||
CVE-2018-15404 | 1 Cisco | 2 Integrated Management Controller Supervisor, Unified Computing System Director | 2024-09-16 | N/A |
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient restrictions on the size or total amount of resources allowed via the web interface. An attacker who has valid credentials for the application could exploit this vulnerability by sending a crafted or malformed HTTP request to the web interface. A successful exploit could allow the attacker to cause oversubscription of system resources or cause a component to become unresponsive, resulting in a DoS condition. | ||||
CVE-2019-12646 | 1 Cisco | 13 1100-4p, 1100-8p, 1101-4p and 10 more | 2024-09-16 | 7.5 High |
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of transient SIP packets on which NAT is performed on an affected device. An attacker could exploit this vulnerability by using UDP port 5060 to send crafted SIP packets through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition. |