Total
2849 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-0212 | 1 Apache | 1 Qpid-cpp | 2024-08-06 | 7.5 High |
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors | ||||
CVE-2014-0193 | 2 Netty, Redhat | 10 Netty, Jboss Amq, Jboss Bpms and 7 more | 2024-08-06 | N/A |
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames. | ||||
CVE-2014-0180 | 1 Redhat | 2 Cloudforms 3.0 Management Engine, Cloudforms Managementengine | 2024-08-06 | N/A |
The wait_for_task function in app/controllers/application_controller.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via unspecified vectors. | ||||
CVE-2014-0118 | 3 Apache, Debian, Redhat | 6 Http Server, Debian Linux, Enterprise Linux and 3 more | 2024-08-06 | N/A |
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size. | ||||
CVE-2014-0110 | 2 Apache, Redhat | 7 Cxf, Jboss Amq, Jboss Bpms and 4 more | 2024-08-06 | N/A |
Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message. | ||||
CVE-2014-0075 | 2 Apache, Redhat | 11 Tomcat, Enterprise Linux, Jboss Bpms and 8 more | 2024-08-06 | N/A |
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data. | ||||
CVE-2014-0084 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-06 | 5.5 Medium |
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly. | ||||
CVE-2015-9548 | 1 Mattermost | 1 Mattermost Server | 2024-08-06 | 7.5 High |
An issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of service (memory consumption) via a small compressed file that has a large size when uncompressed. | ||||
CVE-2015-9274 | 1 Harfbuzz Project | 1 Harfbuzz | 2024-08-06 | N/A |
HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh. | ||||
CVE-2015-9253 | 1 Php | 1 Php | 2024-08-06 | N/A |
An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility. | ||||
CVE-2015-9252 | 1 Qpdf Project | 1 Qpdf | 2024-08-06 | N/A |
An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc. | ||||
CVE-2015-8978 | 1 Soap\ | 1 \ | 2024-08-06 | N/A |
In Soap Lite (aka the SOAP::Lite extension for Perl) 1.14 and earlier, an example attack consists of defining 10 or more XML entities, each defined as consisting of 10 of the previous entity, with the document consisting of a single instance of the largest entity, which expands to one billion copies of the first entity. The amount of computer memory used for handling an external SOAP call would likely exceed that available to the process parsing the XML. | ||||
CVE-2015-8855 | 1 Nodejs | 1 Node.js | 2024-08-06 | N/A |
The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)." | ||||
CVE-2015-8853 | 2 Fedoraproject, Perl | 2 Fedora, Perl | 2024-08-06 | N/A |
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80." | ||||
CVE-2015-8786 | 3 Oracle, Pivotal Software, Redhat | 3 Solaris, Rabbitmq, Openstack | 2024-08-06 | N/A |
The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter. | ||||
CVE-2015-8341 | 1 Xen | 1 Xen | 2024-08-06 | N/A |
The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains. | ||||
CVE-2015-7978 | 2 Ntp, Redhat | 2 Ntp, Enterprise Linux | 2024-08-06 | N/A |
NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list. | ||||
CVE-2015-7384 | 1 Nodejs | 1 Node.js | 2024-08-06 | N/A |
Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service. | ||||
CVE-2015-7313 | 1 Libtiff | 1 Libtiff | 2024-08-06 | N/A |
LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file. | ||||
CVE-2015-5695 | 1 Openstack | 1 Designate | 2024-08-06 | N/A |
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set. |