Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-4774 | 1 Cisco | 1 Ios | 2024-02-28 | 7.8 HIGH | N/A |
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. | |||||
CVE-2007-6053 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2024-02-28 | 9.3 HIGH | N/A |
IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | |||||
CVE-2007-4654 | 3 Cisco, Openbsd, Teamf1 | 4 Content Services Switch 11000, Webns, Openssh and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Content Services Switch (CSS) series 11000 devices allows remote attackers to cause a denial of service (connection slot exhaustion and device crash) via a series of large packets designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144), possibly a related issue to CVE-2002-1024. | |||||
CVE-2007-6148 | 1 Adobe | 2 Connect Enterprise Server, Flash Media Server 2 | 2024-02-28 | 10.0 HIGH | N/A |
Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests. | |||||
CVE-2007-3104 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-02-28 | 4.9 MEDIUM | N/A |
The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry. | |||||
CVE-2006-7229 | 1 Ubuntu | 1 Linux Kernel | 2024-02-28 | 7.8 HIGH | N/A |
The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, which allows remote attackers to cause a denial of service (machine crash) via a flood of network traffic. | |||||
CVE-2006-5757 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 1.2 LOW | N/A |
Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures. | |||||
CVE-2007-2120 | 1 Oracle | 1 Application Server | 2024-02-28 | 7.8 HIGH | N/A |
The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to shut down an Oracle TNS Listener via a TNS STOP command in a request that uses the database/TNS alias, aka AS01. | |||||
CVE-2007-4617 | 1 Bea | 1 Weblogic Server | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote attackers to cause a denial of service (server thread hang) via unspecified vectors. | |||||
CVE-2007-3676 | 1 Ibm | 1 Db2 | 2024-02-28 | 10.0 HIGH | N/A |
IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698. | |||||
CVE-2006-0143 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and cause a denial of service (crash) via a WMF file containing (1) ExtCreateRegion or (2) ExtEscape function calls with arguments with inconsistent lengths. | |||||
CVE-2005-3732 | 1 Ipsec-tools | 1 Ipsec-tools | 2024-02-28 | 7.8 HIGH | N/A |
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | |||||
CVE-2006-0911 | 1 Ipswitch | 1 Whatsup | 2024-02-28 | 5.0 MEDIUM | N/A |
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear. | |||||
CVE-2006-3127 | 1 Sun | 2 Java Enterprise System, Java System Directory Server | 2024-02-28 | 7.8 HIGH | N/A |
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations. | |||||
CVE-2005-2975 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2024-02-28 | 7.8 HIGH | N/A |
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors. | |||||
CVE-2006-0883 | 2 Freebsd, Openbsd | 2 Freebsd, Openssh | 2024-02-28 | 5.0 MEDIUM | N/A |
OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting. | |||||
CVE-2006-3277 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2024-02-28 | 5.0 MEDIUM | N/A |
The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument. | |||||
CVE-2005-2548 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 5.0 MEDIUM | N/A |
vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd. | |||||
CVE-2006-1993 | 1 Mozilla | 1 Firefox | 2024-02-28 | 5.1 MEDIUM | N/A |
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim. | |||||
CVE-2005-0756 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash). |