Total
2851 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-2327 | 1 Juniper | 1 Northstar Controller | 2024-08-05 | N/A |
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services. | ||||
CVE-2017-2333 | 1 Juniper | 1 Northstar Controller | 2024-08-05 | N/A |
A persistent denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network-based, authenticated attacker to consume enough system resources to cause a persistent denial of service by visiting certain specific URLs on the server. | ||||
CVE-2017-2322 | 1 Juniper | 1 Northstar Controller | 2024-08-05 | N/A |
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services. | ||||
CVE-2017-0393 | 2 Google, Redhat | 2 Android, Enterprise Linux | 2024-08-05 | N/A |
A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-30436808. | ||||
CVE-2018-1000893 | 1 Bitcoinsv | 1 Bitcoin Sv | 2024-08-05 | 7.5 High |
Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when deserializing transactions. | ||||
CVE-2018-1000892 | 1 Bitcoinsv | 1 Bitcoin Sv | 2024-08-05 | 7.5 High |
Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving sendheaders messages. | ||||
CVE-2018-1000808 | 3 Canonical, Pyopenssl Project, Redhat | 7 Ubuntu Linux, Pyopenssl, Enterprise Linux Desktop and 4 more | 2024-08-05 | N/A |
Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends upon calling application, however it could be as simple as initiating a TLS connection. Anything that would cause the calling application to reload certificates from a PKCS #12 store.. This vulnerability appears to have been fixed in 17.5.0. | ||||
CVE-2018-1000891 | 1 Bitcoinsv | 1 Bitcoin Sv | 2024-08-05 | 7.5 High |
Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums. | ||||
CVE-2018-1000864 | 2 Jenkins, Redhat | 3 Jenkins, Openshift, Openshift Container Platform | 2024-08-05 | N/A |
A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop. | ||||
CVE-2018-1000654 | 1 Gnu | 1 Libtasn1 | 2024-08-05 | N/A |
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file. | ||||
CVE-2018-1000518 | 1 Websockets Project | 1 Websockets | 2024-08-05 | 7.5 High |
aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Servers and clients, unless configured with compression=None that can result in Denial of Service by memory exhaustion. This attack appear to be exploitable via Sending a specially crafted frame on an established connection. This vulnerability appears to have been fixed in 5. | ||||
CVE-2018-1000408 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2024-08-05 | N/A |
A denial of service vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java that allows attackers without Overall/Read permission to access a specific URL on instances using the built-in Jenkins user database security realm that results in the creation of an ephemeral user record in memory. | ||||
CVE-2018-1000115 | 4 Canonical, Debian, Memcached and 1 more | 5 Ubuntu Linux, Debian Linux, Memcached and 2 more | 2024-08-05 | N/A |
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default. | ||||
CVE-2018-25100 | 2024-08-05 | 5.3 Medium | ||
The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar. | ||||
CVE-2018-21240 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-08-05 | 7.5 High |
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. | ||||
CVE-2018-21270 | 2 Nodejs, Redhat | 2 Node.js, Quay | 2024-08-05 | 6.5 Medium |
Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x). | ||||
CVE-2018-21250 | 1 Mattermost | 1 Mattermost Server | 2024-08-05 | 6.5 Medium |
An issue was discovered in Mattermost Server before 5.2.2, 5.1.2, and 4.10.4. It allows remote attackers to cause a denial of service (memory consumption) via crafted image dimensions. | ||||
CVE-2018-21238 | 1 Foxitsoftware | 1 Phantompdf | 2024-08-05 | 7.5 High |
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. | ||||
CVE-2018-21035 | 2 Qt, Redhat | 2 Qt, Enterprise Linux | 2024-08-05 | 7.5 High |
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption). | ||||
CVE-2018-20961 | 1 Linux | 1 Linux Kernel | 2024-08-05 | 9.8 Critical |
In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. |