CWE:
 

Topic
Date
Author
Med.
Bash 4.3 uncontrolled resources exhaustion
26.04.2015
CXSECURITY
High
Drupal 7.34 Memory Exhaustion
02.12.2014
Javer Nieto and Andres...
Med.
C++11 <regex> insecure by default
31.07.2014
Maksymilian Arciemowic...
Med.
MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service
13.03.2014
CXSECURITY
Med.
Microsoft Windows 8.1 XMLDOM XML Injection Vulnerability
27.02.2014
soroush
Med.
lighttpd multiple issues (setuid unchecked; FAM read after free)
13.11.2013
Stefan Buhler
Med.
Real Player 16.0.2.32 Resource Exhaustion
03.07.2013
Akshaysinh Vaghela
High
3S CODESYS Gateway 2.3.9.27 Gateway Use After Free
28.05.2013
USCERT
Med.
python backports ssl_match_hostname Resource Exhaustion 0day
15.05.2013
Florian Weimer
High
MacOSX 10.8.3 ftpd Resource Exhaustion *youtube
10.04.2013
Maksymilian Arciemowic...
Med.
Cisco Firewall Services Module Software Multiple Vulnerabilities
10.04.2013
Cisco
Med.
easyftpsvr-1.7.0.2 Resource Exhaustion
06.04.2013
AkaStep
Med.
BIND 9 Memory Exhaustion
28.03.2013
Matthew Horsfall
Med.
FreeBSD 9.1 ftpd Remote Denial of Service
01.02.2013
Maksymilian Arciemowic...
Med.
FreeBSD/GNU ftpd remote denial of service exploit
31.01.2013
DevilTeam
Low
linux kernel Btrfs CRC32C infinite loop and privilege boundaries
14.12.2012
Pascal Junod
Med.
Splunk 4.3.x Denial Of Service
03.11.2012
nruns
High
Mozilla Firefox nsHTMLSelectElement Remote Code Execution
04.08.2012
regenrecht
Med.
FileZilla Server version 0.9.41 beta Remote DOS (CPU exhaustion) POC
12.07.2012
coolkaveh
Med.
Microsoft IIS 6, 7.5 FTP Server Remote Denial Of Service
04.07.2012
coolkaveh
Low
WordPress DoS Vulnerability
16.04.2012
MustLive
Med.
PHP 5.4/5.3 deprecated eregi() memory_limit bypass
30.03.2012
Maksymilian Arciemowic...
Med.
PHP 5.4 5.3 memory_limit bypass poc
30.03.2012
Maksymilian Arciemowic...
Med.
PHP 5.4.0 remote memory exhaustion
26.03.2012
ls
Low
Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit
23.03.2012
Gjoko 'LiquidWorm' Krs...
Med.
PHP 5.3.8 Hashtables Proof Of Concept
02.01.2012
me
High
MS11-064 TCP/IP Stack Denial of Service
23.10.2011
Byoungyoung Lee
Med.
IceWarp Mail Server 10.3.2 Multiple Vulnerabilities
04.10.2011
David Kirkpatrick of T...
Med.
Palm Pre WebOS version <= 1.1 Floating Point Exception
17.09.2011
PalmPreHacker
Low
Wireshark 1.6.1 Malformed IKE Packet Denial of Service
26.08.2011
nipc
Med.
PHP 5.3.6 ZipArchive invalid use glob(3)
19.08.2011
Maksymilian Arciemowic...
High
Mozilla Firefox 3.6.16 mChannel Object Use After Free Exploit (Win7)
16.08.2011
mr_me
High
Mozilla Firefox 3.6.16 mChannel use after free vulnerability
12.08.2011
metasploit
High
Firefox 3.6.16 OBJECT mChannel Remote Code Execution Exploit (DEP bypass)
08.08.2011
Rh0[at]z1p.biz
Med.
Arbitrary files deletion in Novell File Reporter 1.0.4.2
19.07.2011
Luigi Auriemma
Med.
Post Revolution 0.8.0c Multiple Remote Vulnerabilities
09.06.2011
Javier Bassi
Med.
Multiple Vendors libc/fnmatch(3) DoS (incl apache poc)
13.05.2011
Maksymilian Arciemowic...
High
Android 2.0 ,2.1, 2.1.1 WebKit Use-After-Free Exploit
15.03.2011
MJ Keith
High
*bsd libc/glob resource exhaustion (ftpd exploit)
04.03.2011
Maksymilian Arciemowic...
Med.
vsftpd 2.3.2 remote denial-of-service
01.03.2011
Maksymilian Arciemowic...
High
Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi
21.02.2011
VMware Security Team
Med.
Apache Tomcat DoS Vulnerability
14.02.2011
Tomcat security team
Med.
Wireshark ZigBee ZCL Dissector Infinite Loop Denial of Service
15.01.2011
Fred Fierling
High
Multiple Vendors (Internet Explorer, Mozilla etc) remote code execution
12.01.2011
Michal Zalewski
Med.
GNU libc/regcomp(3) Multiple Vulnerabilities
07.01.2011
Maksymilian Arciemowic...
High
linux 2.6.37rc5 econet AUN-over-UDP receive NULL dereference
01.01.2011
Nelson Elhage
Low
Linux Kernel 2.6.35.9 'setup_arg_pages()' Denial of Service Vulnerability
02.12.2010
Roland McGrath
Low
Linux Kernel 2.6.37:rc2 Unix Sockets Local Denial of Service
02.12.2010
Key Night
Med.
OpenTTD Client Disconnection Handling Use-after-free Vulnerability
25.11.2010
Vulnerability reported...
Low
Linux Kernel 'perf_event_mmap()' Local Denial of Service Vulnerability
25.11.2010
Dave Jones
High
Camtron CMNC-200 IP Camera Denial of Service Vulnerability
18.11.2010
Trustwave's SpiderLabs
Med.
IBM OmniFind Crawler Denial of Service Vulnerability
15.11.2010
Fatih Kilic
High
Internet Explorer 6, 7, 8 Memory Corruption 0day Exploit
12.11.2010
Matteo Memelli
High
Internet Explorer Memory Corruption 0day Vulnerability
12.11.2010
unknown
High
Internet Explorer Memory Corruption 0day Vulnerability
09.11.2010
unknown
Med.
IBM solidDB <= 6.5.0.3 Denial of Service Vulnerability
27.10.2010
null
High
Multiple Vendors libc/glob(3) remote ftpd resource exhaustion
07.10.2010
Maksymilian Arciemowic...
High
Adobe Acrobat Reader and Flash 'newfunction' Remote Code Execution Vulnerability
28.09.2010
Abysssec
Med.
FreeType 2.4.1 Memory corruption flaw by processing certain
22.08.2010
Jan Lieskovsky
Med.
FreeType 2.4.1 Memory corruption
22.08.2010
Robert Swiecki
High
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050)
20.08.2010
Piotr Bania
Med.
Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
18.08.2010
Tavis Ormandy
Med.
cabextract -- 1, Infinite loop in MS-ZIP
10.08.2010
Jan Lieskovsky
Med.
Firefox, Internet Explorer, Chrome and Opera DoS vulnerabilities
03.06.2010
MustLive
Med.
Firefox, Internet Explorer, Chrome, Opera and other browsers DoS vulnerabilities
26.05.2010
MustLive
Med.
Firefox 3.6.3 (latest) <= memory exhaustion crash vulnerabilities
25.05.2010
geinblues
Med.
Apache ActiveMQ 5.4.0 source code disclosure vulnerability
30.04.2010
Secpod
Med.
IBM BladeCenter Management Module - DoS vulnerability
19.04.2010
Alexandr Polyakov
Low
kadmind in older krb5 denial of service
10.04.2010
Tom Yu
High
Internet Explorer 8/7 Java Html Codes INJECTION
06.03.2010
7H3_BoSs
High
VNC mode can crash QEMU
26.10.2009
Mark McLoughlin
High
linux kernel 2.6.27.21 and prior multiple vulnerabilities
22.10.2009
Josh Bressers
High
Xpdf - Integer overflow which causes heap overflow and NULL pointer derefernce
16.10.2009
Adam Zabrocki
High
Security Notice for CA Anti-Virus Engine
14.10.2009
Williams, James K
High
AOL 9.1 SuperBuddy ActiveX Control SetSuperBuddy() remote code execution exploit
13.10.2009
nine:situations:group:...
Med.
Safari 3.2.3 (Win32) JavaScript (eval) Remote DoS Exploit
23.09.2009
Jeremy Brown
High
Windows Vista/2008 (SMB2.0) Remote Command Execution
08.09.2009
Laurent Gaffié
Med.
MS Internet Explorer (Javascript SetAttribute) Remote Crash Exploit
02.09.2009
Irfan Asrar
High
Borland VisiBroker Smart Agent <= 08.00.00.C1.03 Remote Heap Overflow Vulnerability
31.08.2009
Luigi Auriemma
High
LogMeIn Remote Access Utility ActiveX Memory Corruption
27.08.2009
Yag Kohha
Med.
DoS vulnerabilities in Mozilla Firefox, Internet Explorer and Chrome
26.08.2009
MustLive
Med.
Security Notice for CA Host-Based Intrusion Prevention System
26.08.2009
Kotas
Low
Failed assertion in the Unreal engine
24.08.2009
Luigi Auriemma
Med.
Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service
20.08.2009
Maksymilian Arciemowic...
High
AST-2009-005: Remote Crash Vulnerability in SIP channel driver
14.08.2009
Asterisk Security Team
High
OpenBSD 4.3 up to 4.5: PF null pointer dereference - remote DoS
12.08.2009
rembrandt
Med.
DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome
26.07.2009
MustLive
High
One bug to rule them all Firefox, IE, Safari, Opera, Chrome, Seamonkey
26.07.2009
Thierry Zoller
Low
Apache (mod_deflate) Denial of Service Vulnerability
12.07.2009
François Guerraz
High
phion airlock Web Application Firewall: Remote DoS & Command Execution
07.07.2009
Kirchner Michael
Med.
Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability
04.06.2009
CORE Security Technolo...
Med.
Firefox (all?) Denial of Service through unclamped loop (SVG)
02.06.2009
Thierry Zoller
Med.
TYPSoft FTP Server 1.11 (ABORT) Remote DoS Exploit
20.05.2009
Jonathan Salwan
Med.
Google Chrome 1.0.154.53 (Null Pointer) Remote Crash
05.05.2009
Aditya K Sood
Med.
Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS
05.04.2009
mu-b
Low
Serv-U 7.4.0.1 (SMNT) Denial of Service Exploit (post auth)
20.03.2009
Jonathan Salwan
High
EMC NetWorker Denial of Service Vulnerability
21.02.2009
Fortinet's FortiGuard
Med.
Titan FTP server 6.26 build 630 Remote Denial of Service Exploit
07.02.2009
Anon
Low
QIP 2005 Denial of Service Vulnerability
06.02.2009
Maxim Kulakov
Med.
F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass
31.12.2008
iViZ


CVEMAP Search Results

CVE
Details
Description
2015-02-19
Medium
CVE-2014-6303

Vendor: Pnmsoft
Software: Sequence kin...
 

 
The Monitoring Administration pages in PNMsoft Sequence Kinetics before 7.7 do not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

 
2015-02-17
Medium
CVE-2015-0617

Vendor: Cisco
Software: Asr 5000 ser...
 

 
Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices allow remote attackers to cause a denial of service (CPU consumption and SNMP outage) via malformed SNMP packets, aka Bug ID CSCur13393.

 
2015-02-12
Low
CVE-2014-4771

Vendor: IBM
Software: Websphere mq
 

 
IBM WebSphere MQ 7.0.1 before 7.0.1.13, 7.1 before 7.1.0.6, 7.5 before 7.5.0.5, and 8 before 8.0.0.1 allows remote authenticated users to cause a denial of service (queue-slot exhaustion) by leveraging PCF query privileges for a crafted query.

 
Medium
CVE-2015-0593

Vendor: Cisco
Software: IOS
 

 
The Zone-Based Firewall implementation in Cisco IOS 12.4(122)T and earlier does not properly manage session-object structures, which allows remote attackers to cause a denial of service (device reload) via crafted network traffic, aka Bug ID CSCul65003.

 
2015-02-11
High
CVE-2015-0592

Vendor: Cisco
Software: IOS
 

 
The Zone-Based Firewall implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers incorrect kernel-timer handling, aka Bug ID CSCuh25672.

 
Medium
CVE-2015-0619

Vendor: Cisco
Software: Adaptive sec...
 

 
Memory leak in the embedded web server in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and SSL outage) via multiple crafted HTTP requests, aka Bug ID CSCue05458.

 
2015-02-09
Low
CVE-2015-1558

Vendor: Digium
Software: Asterisk
 

 
Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incompatible codecs.

 
2015-02-03
Medium
CVE-2015-1381

Vendor: Privoxy
Software: Privoxy
 

 
Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.

 
2015-02-01
High
CVE-2014-7266

Vendor: Cybozu
Software: Remote servi...
 

 
Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1983.

 
2015-01-20
Medium
CVE-2015-1030

Vendor: Privoxy
Software: Privoxy
 

 
Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached.

 

 


Copyright 2015, cxsecurity.com