Total
2548 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-3397 | 1 Cisco | 1 Telepresence Mcu Software | 2024-11-21 | 7.8 HIGH | N/A |
The network stack in Cisco TelePresence MCU Software before 4.3(2.30) allows remote attackers to cause a denial of service (memory consumption) via crafted TCP packets, aka Bug ID CSCtz35468. | |||||
CVE-2014-3388 | 1 Cisco | 1 Asa | 2024-11-21 | 7.8 HIGH | N/A |
The DNS inspection engine in Cisco ASA Software 9.0 before 9.0(4.13), 9.1 before 9.1(5.7), and 9.2 before 9.2(2) allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCuo68327. | |||||
CVE-2014-3387 | 1 Cisco | 1 Asa | 2024-11-21 | 7.8 HIGH | N/A |
The SunRPC inspection engine in Cisco ASA Software 7.2 before 7.2(5.14), 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.5 before 8.5(1.21), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.5), and 9.1 before 9.1(5.3) allows remote attackers to cause a denial of service (device reload) via crafted SunRPC packets, aka Bug ID CSCun11074. | |||||
CVE-2014-3386 | 1 Cisco | 1 Asa | 2024-11-21 | 7.8 HIGH | N/A |
The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Software 8.2 before 8.2(5.51), 8.4 before 8.4(7.15), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted series of GTP packets, aka Bug ID CSCum56399. | |||||
CVE-2014-3384 | 1 Cisco | 1 Asa | 2024-11-21 | 7.8 HIGH | N/A |
The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted packet that is sent during tunnel creation, aka Bug ID CSCum96401. | |||||
CVE-2014-3383 | 1 Cisco | 1 Asa | 2024-11-21 | 7.8 HIGH | N/A |
The IKE implementation in the VPN component in Cisco ASA Software 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via crafted UDP packets, aka Bug ID CSCul36176. | |||||
CVE-2014-3380 | 1 Cisco | 1 Unified Communications Domain Manager Platform | 2024-11-21 | 5.0 MEDIUM | N/A |
Cisco Unified Communications Domain Manager Platform Software 4.4(.3) and earlier allows remote attackers to cause a denial of service (CPU consumption) by sending crafted TCP packets quickly, aka Bug ID CSCuo42063. | |||||
CVE-2014-3370 | 1 Cisco | 2 Expressway Software, Telepresence Video Communication Server Software | 2024-11-21 | 7.1 HIGH | N/A |
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447. | |||||
CVE-2014-3369 | 1 Cisco | 2 Expressway Software, Telepresence Video Communication Server Software | 2024-11-21 | 7.1 HIGH | N/A |
The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted SDP packets, aka Bug ID CSCuo42252. | |||||
CVE-2014-3368 | 1 Cisco | 2 Expressway Software, Telepresence Video Communication Server Software | 2024-11-21 | 7.8 HIGH | N/A |
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote attackers to cause a denial of service (device reload) via a high rate of crafted packets, aka Bug ID CSCui06507. | |||||
CVE-2014-3362 | 1 Cisco | 4 Telepresence System Edge 75 Mxp, Telepresence System Edge 85 Mxp, Telepresence System Edge 95 Mxp and 1 more | 2024-11-21 | 7.8 HIGH | N/A |
Memory leak in Cisco TelePresence System Edge MXP Series Software F9.3.3 and earlier allows remote attackers to cause a denial of service (management outage) via multiple TELNET connections, aka Bug ID CSCuo63677. | |||||
CVE-2014-3359 | 1 Cisco | 2 Ios, Ios Xe | 2024-11-21 | 7.8 HIGH | N/A |
Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka Bug ID CSCum90081. | |||||
CVE-2014-3353 | 1 Cisco | 1 Ios Xr | 2024-11-21 | 7.1 HIGH | N/A |
Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165. | |||||
CVE-2014-3347 | 1 Cisco | 8 1801 Integrated Service Router, 1802 Integrated Service Router, 1803 Integrated Service Router and 5 more | 2024-11-21 | 5.4 MEDIUM | N/A |
Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897. | |||||
CVE-2014-3293 | 1 Cisco | 2 Asr901, Ios | 2024-11-21 | 5.0 MEDIUM | N/A |
Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sending many crafted IPv4 packets, aka Bug ID CSCuo29736. | |||||
CVE-2014-3276 | 1 Cisco | 1 Identity Services Engine Software | 2024-11-21 | 4.0 MEDIUM | N/A |
Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does not properly handle deadlock conditions during reception of crafted RADIUS accounting packets from multiple NAS devices, which allows remote authenticated users to cause a denial of service (RADIUS outage) by sourcing these packets from two origins, aka Bug ID CSCuo56780. | |||||
CVE-2014-3224 | 1 Huawei | 14 Quidway S5300, Quidway S5300 Firmware, Quidway S5700 and 11 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
Huawei Quidway S9700 V200R003C00SPC500, Quidway S9300 V200R003C00SPC500, Quidway S7700 V200R003C00SPC500, Quidway S6700 V200R003C00SPC300, Quidway S6300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300 enable attackers to launch DoS attacks by crafting and sending malformed packets to these vulnerable products. | |||||
CVE-2014-3221 | 1 Huawei | 2 Eudemon8000e, Eudemon8000e Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Huawei Eudemon8000E firewall with software V200R001C01SPC800 and earlier versions allows users to log in to the device using Telnet or SSH. When an attacker sends to the device a mass of TCP packets with special structure, the logging process becomes slow and users may be unable to log in to the device. | |||||
CVE-2014-3199 | 2 Google, Redhat | 5 Chrome, Enterprise Linux Desktop Supplementary, Enterprise Linux Server Supplementary and 2 more | 2024-11-21 | 5.0 MEDIUM | N/A |
The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an erroneous fallback outcome for wrapper-selection failures, which allows remote attackers to cause a denial of service via vectors that trigger stopping a worker process that had been handling an Event object. | |||||
CVE-2014-3195 | 2 Google, Redhat | 5 Chrome, Enterprise Linux Desktop Supplementary, Enterprise Linux Server Supplementary and 2 more | 2024-11-21 | 5.0 MEDIUM | N/A |
Google V8, as used in Google Chrome before 38.0.2125.101, does not properly track JavaScript heap-memory allocations as allocations of uninitialized memory and does not properly concatenate arrays of double-precision floating-point numbers, which allows remote attackers to obtain sensitive information via crafted JavaScript code, related to the PagedSpace::AllocateRaw and NewSpace::AllocateRaw functions in heap/spaces-inl.h, the LargeObjectSpace::AllocateRaw function in heap/spaces.cc, and the Runtime_ArrayConcat function in runtime.cc. |