Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-0798 | 1 Openssl | 1 Openssl | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c and crypto/srp/srp_vfy.c. | |||||
CVE-2015-5001 | 1 Ibm | 1 Websphere Portal | 2024-02-28 | 6.8 MEDIUM | 4.3 MEDIUM |
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a denial of service (memory consumption) via a crafted document. | |||||
CVE-2015-6273 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2024-02-28 | 7.8 HIGH | N/A |
Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via crafted IP packets, aka Bug IDs CSCtf87624, CSCte93229, CSCtd19103, and CSCti63623. | |||||
CVE-2015-6425 | 1 Cisco | 1 Unified Communications Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote attackers to cause a denial of service (subsystem outage) via invalid session tokens, aka Bug ID CSCul83786. | |||||
CVE-2016-6376 | 1 Cisco | 6 Wireless Lan Controller, Wireless Lan Controller 6.0, Wireless Lan Controller 7.0 and 3 more | 2024-02-28 | 6.1 MEDIUM | 6.5 MEDIUM |
The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device restart) via a malformed wIPS packet, aka Bug ID CSCuz40263. | |||||
CVE-2015-6394 | 1 Cisco | 1 Nx-os | 2024-02-28 | 4.9 MEDIUM | N/A |
The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows local users to cause a denial of service (device crash) via crafted USB parameters, aka Bug ID CSCus89408. | |||||
CVE-2016-1467 | 1 Cisco | 1 Videoscape Session Resource Manager | 2024-02-28 | 6.1 MEDIUM | 6.5 MEDIUM |
Cisco Videoscape Session Resource Manager (VSRM) allows remote attackers to cause a denial of service (device restart) by sending a traffic flood to upstream devices, aka Bug ID CSCva01813. | |||||
CVE-2015-0765 | 1 Cisco | 1 Ons 15454 System Software | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service (tNetTask CPU consumption or card reset) via a flood of (1) IP or (2) Ethernet traffic, aka Bug ID CSCus57263. | |||||
CVE-2016-5426 | 1 Powerdns | 1 Authoritative | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname. | |||||
CVE-2015-1819 | 8 Apple, Canonical, Debian and 5 more | 12 Iphone Os, Mac Os X, Tvos and 9 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. | |||||
CVE-2015-6377 | 1 Cisco | 1 Virtual Topology System | 2024-02-28 | 7.8 HIGH | N/A |
Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379. | |||||
CVE-2015-3725 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.3 MEDIUM | N/A |
MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app. | |||||
CVE-2016-1465 | 1 Cisco | 2 Nexus 1000v, Nx-os | 2024-02-28 | 6.1 MEDIUM | 6.5 MEDIUM |
Cisco Nexus 1000v Application Virtual Switch (AVS) devices before 5.2(1)SV3(1.5i) allow remote attackers to cause a denial of service (ESXi hypervisor crash and purple screen) via a crafted Cisco Discovery Protocol packet that triggers an out-of-bounds memory access, aka Bug ID CSCuw57985. | |||||
CVE-2015-0971 | 2 Debian, Openinfosecfoundation | 2 Debian Linux, Suricata | 2024-02-28 | 5.0 MEDIUM | N/A |
The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates. | |||||
CVE-2015-6271 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2024-02-28 | 7.8 HIGH | N/A |
Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted SIP packet, aka Bug IDs CSCta74749 and CSCta77008. | |||||
CVE-2015-6367 | 1 Cisco | 1 Aironet Access Point Software | 2024-02-28 | 7.8 HIGH | N/A |
Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374. | |||||
CVE-2015-6733 | 1 Mediawiki | 1 Mediawiki | 2024-02-28 | 5.0 MEDIUM | N/A |
GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors. | |||||
CVE-2015-3241 | 1 Openstack | 1 Nova | 2024-02-28 | 6.8 MEDIUM | N/A |
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance. | |||||
CVE-2015-6321 | 1 Cisco | 3 Content Security Management Appliance, Email Security Appliance, Web Security Appliance | 2024-02-28 | 7.8 HIGH | N/A |
Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance (SMA) devices; and before 7.7.0-725 and 8.x before 8.0.8-113 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug IDs CSCus79774, CSCus79777, and CSCzv95795. | |||||
CVE-2015-4291 | 1 Cisco | 1 Ios Xe | 2024-02-28 | 7.8 HIGH | N/A |
Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted series of fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCtd72617. |