Vulnerabilities (CVE)

Filtered by CWE-400
Total 1619 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-1784 1 Apple 3 Iphone Os, Safari, Tvos 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site.
CVE-2016-4592 2 Apple, Webkitgtk 5 Iphone Os, Safari, Tvos and 2 more 2024-02-28 7.1 HIGH 6.5 MEDIUM
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site.
CVE-2016-4037 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2024-02-28 4.9 MEDIUM 6.0 MEDIUM
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.
CVE-2015-1779 6 Canonical, Debian, Fedoraproject and 3 more 12 Ubuntu Linux, Debian Linux, Fedora and 9 more 2024-02-28 7.8 HIGH 8.6 HIGH
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
CVE-2016-6307 1 Openssl 1 Openssl 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted TLS messages, related to statem/statem.c and statem/statem_lib.c.
CVE-2016-6172 2 Opensuse, Powerdns 3 Leap, Opensuse, Authoritative Server 2024-02-28 7.1 HIGH 6.8 MEDIUM
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
CVE-2014-3328 1 Cisco 1 Unified Presence Server 2024-02-28 5.0 MEDIUM N/A
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.
CVE-2014-8124 4 Fedoraproject, Openstack, Opensuse and 1 more 4 Fedora, Horizon, Opensuse and 1 more 2024-02-28 5.0 MEDIUM N/A
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page.
CVE-2014-3690 7 Canonical, Debian, Linux and 4 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-02-28 4.9 MEDIUM 5.5 MEDIUM
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.
CVE-2014-3407 1 Cisco 1 Adaptive Security Appliance Software 2024-02-28 5.0 MEDIUM N/A
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.
CVE-2014-3687 8 Canonical, Debian, Linux and 5 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2024-02-28 7.8 HIGH 7.5 HIGH
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.
CVE-2013-5567 1 Cisco 1 Adaptive Security Appliance Software 2024-02-28 5.4 MEDIUM N/A
Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606.
CVE-2014-8559 6 Canonical, Linux, Novell and 3 more 11 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 8 more 2024-02-28 4.9 MEDIUM 5.5 MEDIUM
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
CVE-2014-7255 1 Iij 8 Seil B1, Seil B1 Firmware, Seil X1 and 5 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 through 4.62, SEIL/X2 2.50 through 4.62, SEIL/B1 2.50 through 4.62, and SEIL/x86 Fuji 1.70 through 3.22 allow remote attackers to cause a denial of service (CPU and traffic consumption) via a large number of NTP requests within a short time, which causes unnecessary NTP responses to be sent.
CVE-2014-3122 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-02-28 4.9 MEDIUM N/A
The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings.
CVE-2012-6638 1 Linux 1 Linux Kernel 2024-02-28 7.8 HIGH N/A
The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663.
CVE-2014-0118 3 Apache, Debian, Redhat 4 Http Server, Debian Linux, Enterprise Linux and 1 more 2024-02-28 4.3 MEDIUM N/A
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.
CVE-2014-7970 3 Canonical, Linux, Novell 3 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Server 2024-02-28 4.9 MEDIUM 5.5 MEDIUM
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.
CVE-2014-1500 5 Mozilla, Opensuse, Opensuse Project and 2 more 8 Firefox, Seamonkey, Opensuse and 5 more 2024-02-28 5.0 MEDIUM N/A
Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.