| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling. |
| Double free vulnerability in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0005 allows remote authenticated users to cause a denial of service (ABEND) via search operations that trigger recursive filter_free calls. |
| Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction." |
| The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a crafted ioctl call. |
| Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated. |
| ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response. |
| org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response. |
| Use-after-free vulnerability in libunity-webapps before 2.4.1 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted web site, related to "certain hash tables." |
| The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603. |
| The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8.5(1.9), and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets, which allows remote attackers to cause a denial of service (device reload) via a series of crafted IPv4 packets, aka Bug ID CSCtw84068. |
| The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service (resource consumption) via a valid modified signature for a circulating alert. |
| IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (resource consumption and sync outage) by syncing a large volume of data. |
| Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote attackers to cause a denial of service (memory consumption and daemon outage) by sending many embedded objects in e-mail messages for iPhone clients. |
| The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack. |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability." |
| Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
| The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) by making many TCP connection attempts. |
| APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet. |
| Cisco Hosted Collaboration Mediation allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets on port 162, aka Bug ID CSCug85756. |
| Google Chrome before 23.0.1271.64 does not properly perform a cast of an unspecified variable during handling of input, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. |
