Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-1399 | 1 Cisco | 15 Ie-4000-16gt4g-e, Ie-4000-16t4g-e, Ie-4000-4gc4gp4g-e and 12 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, 15.2(2)EA2, and 15.2(4)EA on Industrial Ethernet 4000 devices and 15.2(2)EB and 15.2(2)EB1 on Industrial Ethernet 5000 devices allows remote attackers to cause a denial of service (packet data corruption) via crafted IPv4 ICMP packets, aka Bug ID CSCuy13431. | |||||
CVE-2015-1792 | 1 Openssl | 1 Openssl | 2024-02-28 | 5.0 MEDIUM | N/A |
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function. | |||||
CVE-2015-4280 | 1 Cisco | 1 Prime Collaboration | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco Prime Collaboration Assurance 10.0 allows remote attackers to cause a denial of service (HTTP service outage) via a crafted HTTP request, aka Bug ID CSCum38844. | |||||
CVE-2016-6401 | 1 Cisco | 1 Carrier Routing System | 2024-02-28 | 5.7 MEDIUM | 5.3 MEDIUM |
Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote attackers to cause a denial of service (line-card reload) via crafted IPv6-over-MPLS packets, aka Bug ID CSCva32494. | |||||
CVE-2015-4223 | 1 Cisco | 1 Ios Xr | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of service (process reload) via crafted MPLS Label Distribution Protocol (LDP) packets, aka Bug ID CSCuu77478. | |||||
CVE-2015-0744 | 1 Cisco | 3 Dta Control System, Headend Digital Broadband Delivery System, Headend System Release | 2024-02-28 | 7.8 HIGH | N/A |
Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315. | |||||
CVE-2015-2339 | 2 Microsoft, Vmware | 6 Windows, Fusion, Horizon Client and 3 more | 2024-02-28 | 6.1 MEDIUM | N/A |
TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338. | |||||
CVE-2016-6424 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-02-28 | 6.1 MEDIUM | 6.5 MEDIUM |
The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942. | |||||
CVE-2015-6292 | 1 Cisco | 1 Web Security Appliance | 2024-02-28 | 7.8 HIGH | N/A |
The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple proxy connections, aka Bug ID CSCus10922. | |||||
CVE-2016-1383 | 1 Cisco | 2 Web Security Appliance, Web Security Appliance \(wsa\) | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305. | |||||
CVE-2015-4293 | 1 Cisco | 1 Ios Xe | 2024-02-28 | 5.0 MEDIUM | N/A |
The packet-reassembly implementation in Cisco IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (CPU consumption or packet loss) via fragmented (1) IPv4 or (2) IPv6 packets that trigger ATTN-3-SYNC_TIMEOUT errors after reassembly failures, aka Bug ID CSCuo37957. | |||||
CVE-2016-6407 | 1 Cisco | 1 Web Security Appliance | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219. | |||||
CVE-2016-0751 | 1 Rubyonrails | 2 Rails, Ruby On Rails | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header. | |||||
CVE-2015-1943 | 1 Ibm | 1 Websphere Portal | 2024-02-28 | 7.8 HIGH | N/A |
IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request. | |||||
CVE-2015-0769 | 1 Cisco | 1 Ios Xr Software | 2024-02-28 | 7.8 HIGH | N/A |
Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546. | |||||
CVE-2015-1987 | 1 Ibm | 1 Websphere Mq Light | 2024-02-28 | 7.8 HIGH | N/A |
IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 and CVE-2015-1958. | |||||
CVE-2016-1275 | 1 Juniper | 1 Junos | 2024-02-28 | 6.1 MEDIUM | 6.5 MEDIUM |
Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface. | |||||
CVE-2015-0742 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-02-28 | 5.0 MEDIUM | N/A |
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398. | |||||
CVE-2015-4301 | 1 Cisco | 7 Nexus 93120tx, Nexus 93128tx, Nexus 9332pq and 4 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225. | |||||
CVE-2014-9745 | 4 Canonical, Debian, Freetype and 1 more | 4 Ubuntu Linux, Debian Linux, Freetype and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage. |