Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-3754 | 1 Google | 1 Android | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not limit process-memory usage, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28615448. | |||||
CVE-2016-2515 | 1 Hawk Project | 1 Hawk | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service (CPU consumption or partial outage) via a long (1) header or (2) URI that is matched against an improper regular expression. | |||||
CVE-2015-5362 | 1 Juniper | 1 Junos | 2024-02-28 | 9.3 HIGH | N/A |
The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.1X50 before 14.1X50-D85, 14.1X55 before 14.1X55-D20, 14.2 before 14.2R3, 15.1 before 15.1R1, and 15.1X49 before 15.1X49-D10 allows remote attackers to cause a denial of service (bfdd crash and restart) or execute arbitrary code via a crafted BFD packet. | |||||
CVE-2015-7540 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets. | |||||
CVE-2015-1745 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1740, CVE-2015-1744, and CVE-2015-1766. | |||||
CVE-2016-1367 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug ID CSCus23248. | |||||
CVE-2015-6252 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation. | |||||
CVE-2015-2013 | 1 Ibm | 1 Websphere Mq | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to cause a denial of service (channel-agent abend and process outage) via a crafted selection string in an MQI call. | |||||
CVE-2014-6449 | 1 Juniper | 1 Junos | 2024-02-28 | 5.0 MEDIUM | N/A |
Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R5, and 14.2 before 14.2R1 do not properly handle TCP packet reassembly, which allows remote attackers to cause a denial of service (buffer consumption) via a crafted sequence of packets "destined to the device." | |||||
CVE-2015-7972 | 1 Xen | 1 Xen | 2024-02-28 | 2.1 LOW | N/A |
The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to "heavy memory pressure." | |||||
CVE-2015-6431 | 1 Cisco | 1 Ios Xe | 2024-02-28 | 6.1 MEDIUM | 6.5 MEDIUM |
Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a packet with the 00-00-00-00-00-00 source MAC address, aka Bug ID CSCux48405. | |||||
CVE-2016-2179 | 2 Openssl, Oracle | 2 Openssl, Linux | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. | |||||
CVE-2015-4105 | 1 Xen | 1 Xen | 2024-02-28 | 4.9 MEDIUM | N/A |
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations. | |||||
CVE-2016-6381 | 1 Cisco | 6 Ios, Ios Xe, Ios Xe 16.1 and 3 more | 2024-02-28 | 7.1 HIGH | 7.5 HIGH |
Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service (memory consumption or device reload) via fragmented IKEv1 packets, aka Bug ID CSCuy47382. | |||||
CVE-2015-6812 | 1 Invisioncommunity | 1 Invision Power Board | 2024-02-28 | 7.8 HIGH | N/A |
Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.0.12.1 allows remote attackers to cause a denial of service (loop and memory consumption) via a crafted URL. | |||||
CVE-2015-5307 | 5 Canonical, Debian, Linux and 2 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2024-02-28 | 4.9 MEDIUM | N/A |
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. | |||||
CVE-2015-3812 | 2 Oracle, Wireshark | 3 Linux, Solaris, Wireshark | 2024-02-28 | 7.8 HIGH | N/A |
Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. | |||||
CVE-2016-3765 | 1 Google | 1 Android | 2024-02-28 | 6.4 MEDIUM | 7.7 HIGH |
decoder/impeg2d_bitstream.c in mediaserver in Android 6.x before 2016-07-01 allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted application, aka internal bug 28168413. | |||||
CVE-2016-6391 | 1 Cisco | 1 Ios | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036. | |||||
CVE-2015-8087 | 1 Huawei | 6 Ne20e-s, Ne40e, Ne40e-m and 3 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability." |