CWE:
 

| Risk | Topic | Date | Author |
|---|---|---|---|
| Low | Linkedin iOS 9.11.8592.4 CPU Resource Exhaustion | 03.08.2018 | Juan Sacco |
| Med. | Asterisk 13.17.2dfsg-2 Memory Exhaustion | 30.11.2017 | Juan Sacco |
| Med. | Apple macOS 10.12.2 Safari SSL handshake MiTM Memory Exhaustion | 14.12.2016 | Maksymilian Arciemowic... |
| Med. | Apache HTTPD Web Server 2.4.23 Memory Exhaustion | 06.12.2016 | Naveen Tiwari |
| Med. | MacOS X 10.11 hardlink bomb cause resource exhaustion (Avast PoC) | 25.10.2015 | Maksymilian Arciemowic... |
| Med. | Bash 4.3 uncontrolled resources exhaustion | 26.04.2015 | Maksymilian Arciemowic... |
| High | Drupal 7.34 Memory Exhaustion | 02.12.2014 | Javer Nieto and Andres... |
| Med. | C++11 <regex> insecure by default | 31.07.2014 | Maksymilian Arciemowic... |
| Med. | MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service | 13.03.2014 | Maksymilian Arciemowic... |
| Med. | Microsoft Windows 8.1 XMLDOM XML Injection Vulnerability | 27.02.2014 | soroush |
| Med. | lighttpd multiple issues (setuid unchecked; FAM read after free) | 13.11.2013 | Stefan Buhler |
| Med. | Real Player 16.0.2.32 Resource Exhaustion | 03.07.2013 | Akshaysinh Vaghela |
| High | 3S CODESYS Gateway 2.3.9.27 Gateway Use After Free | 28.05.2013 | USCERT |
| Med. | python backports ssl_match_hostname Resource Exhaustion 0day | 15.05.2013 | Florian Weimer |
| Med. | MacOSX 10.10.5 ftpd Resource Exhaustion (APPLE-SA-2015-09-30-3) *youtube | 10.04.2013 | Maksymilian Arciemowic... |
| Med. | Cisco Firewall Services Module Software Multiple Vulnerabilities | 10.04.2013 | Cisco |
| Med. | easyftpsvr-1.7.0.2 Resource Exhaustion | 06.04.2013 | AkaStep |
| Med. | BIND 9 Memory Exhaustion | 28.03.2013 | Matthew Horsfall |
| Med. | FreeBSD 9.1 ftpd Remote Denial of Service | 01.02.2013 | Maksymilian Arciemowic... |
| Med. | FreeBSD/GNU ftpd remote denial of service exploit | 31.01.2013 | DevilTeam |
| Low | linux kernel Btrfs CRC32C infinite loop and privilege boundaries | 14.12.2012 | Pascal Junod |
| Med. | Splunk 4.3.x Denial Of Service | 03.11.2012 | nruns |
| High | Mozilla Firefox nsHTMLSelectElement Remote Code Execution | 04.08.2012 | regenrecht |
| Med. | FileZilla Server version 0.9.41 beta Remote DOS (CPU exhaustion) POC | 12.07.2012 | coolkaveh |
| Med. | Microsoft IIS 6, 7.5 FTP Server Remote Denial Of Service | 04.07.2012 | coolkaveh |
| Low | WordPress DoS Vulnerability | 16.04.2012 | MustLive |
| Med. | PHP 5.4/5.3 deprecated eregi() memory_limit bypass | 30.03.2012 | Maksymilian Arciemowic... |
| Med. | PHP 5.4 5.3 memory_limit bypass poc | 30.03.2012 | Maksymilian Arciemowic... |
| Med. | PHP 5.4.0 remote memory exhaustion | 26.03.2012 | ls |
| Low | Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit | 23.03.2012 | Gjoko 'LiquidWorm' Krs... |
| Med. | PHP 5.3.8 Hashtables Proof Of Concept | 02.01.2012 | me |
| High | MS11-064 TCP/IP Stack Denial of Service | 23.10.2011 | Byoungyoung Lee |
| Med. | IceWarp Mail Server 10.3.2 Multiple Vulnerabilities | 04.10.2011 | David Kirkpatrick of T... |
| Med. | Palm Pre WebOS version <= 1.1 Floating Point Exception | 17.09.2011 | PalmPreHacker |
| Low | Wireshark 1.6.1 Malformed IKE Packet Denial of Service | 26.08.2011 | nipc |
| Med. | PHP 5.3.6 ZipArchive invalid use glob(3) | 19.08.2011 | Maksymilian Arciemowic... |
| High | Mozilla Firefox 3.6.16 mChannel Object Use After Free Exploit (Win7) | 16.08.2011 | mr_me |
| High | Mozilla Firefox 3.6.16 mChannel use after free vulnerability | 12.08.2011 | metasploit |
| High | Firefox 3.6.16 OBJECT mChannel Remote Code Execution Exploit (DEP bypass) | 08.08.2011 | Rh0[at]z1p.biz |
| Med. | Arbitrary files deletion in Novell File Reporter 1.0.4.2 | 19.07.2011 | Luigi Auriemma |
| Med. | Post Revolution 0.8.0c Multiple Remote Vulnerabilities | 09.06.2011 | Javier Bassi |
| Med. | Multiple Vendors libc/fnmatch(3) DoS (incl apache poc) | 13.05.2011 | Maksymilian Arciemowic... |
| High | Android 2.0, 2.1, 2.1.1 WebKit Use-After-Free Exploit | 15.03.2011 | MJ Keith |
| High | *bsd libc/glob resource exhaustion (ftpd exploit) | 04.03.2011 | Maksymilian Arciemowic... |
| Med. | vsftpd 2.3.2 remote denial-of-service | 01.03.2011 | Maksymilian Arciemowic... |
| High | Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi | 21.02.2011 | VMware Security Team |
| Med. | Apache Tomcat DoS Vulnerability | 14.02.2011 | Tomcat security team |
| Med. | Wireshark ZigBee ZCL Dissector Infinite Loop Denial of Service | 15.01.2011 | Fred Fierling |
| High | Multiple Vendors (Internet Explorer, Mozilla etc) remote code execution | 12.01.2011 | Michal Zalewski |
| Med. | GNU libc/regcomp(3) Multiple Vulnerabilities | 07.01.2011 | Maksymilian Arciemowic... |
| High | linux 2.6.37rc5 econet AUN-over-UDP receive NULL dereference | 01.01.2011 | Nelson Elhage |
| Low | Linux Kernel 2.6.35.9 'setup_arg_pages()' Denial of Service Vulnerability | 02.12.2010 | Roland McGrath |
| Low | Linux Kernel 2.6.37:rc2 Unix Sockets Local Denial of Service | 02.12.2010 | Key Night |
| Med. | OpenTTD Client Disconnection Handling Use-after-free Vulnerability | 25.11.2010 | Vulnerability reported... |
| Low | Linux Kernel 'perf_event_mmap()' Local Denial of Service Vulnerability | 25.11.2010 | Dave Jones |
| High | Camtron CMNC-200 IP Camera Denial of Service Vulnerability | 18.11.2010 | Trustwave's SpiderLabs |
| Med. | IBM OmniFind Crawler Denial of Service Vulnerability | 15.11.2010 | Fatih Kilic |
| High | Internet Explorer 6, 7, 8 Memory Corruption 0day Exploit | 12.11.2010 | Matteo Memelli |
| High | Internet Explorer Memory Corruption 0day Vulnerability | 12.11.2010 | unknown |
| High | Internet Explorer Memory Corruption 0day Vulnerability | 09.11.2010 | unknown |
| Med. | IBM solidDB <= 6.5.0.3 Denial of Service Vulnerability | 27.10.2010 | null |
| High | Multiple Vendors libc/glob(3) remote ftpd resource exhaustion | 07.10.2010 | Maksymilian Arciemowic... |
| High | Adobe Acrobat Reader and Flash 'newfunction' Remote Code Execution Vulnerability | 28.09.2010 | Abysssec |
| Med. | FreeType 2.4.1 Memory corruption flaw by processing certain | 22.08.2010 | Jan Lieskovsky |
| Med. | FreeType 2.4.1 Memory corruption | 22.08.2010 | Robert Swiecki |
| High | Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050) | 20.08.2010 | Piotr Bania |
| Med. | Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047) | 18.08.2010 | Tavis Ormandy |
| Med. | cabextract -- 1, Infinite loop in MS-ZIP | 10.08.2010 | Jan Lieskovsky |
| Med. | Firefox, Internet Explorer, Chrome and Opera DoS vulnerabilities | 03.06.2010 | MustLive |
| Med. | Firefox, Internet Explorer, Chrome, Opera and other browsers DoS vulnerabilities | 26.05.2010 | MustLive |
| Med. | Firefox 3.6.3 (latest) <= memory exhaustion crash vulnerabilities | 25.05.2010 | geinblues |
| Med. | Apache ActiveMQ 5.4.0 source code disclosure vulnerability | 30.04.2010 | Secpod |
| Med. | IBM BladeCenter Management Module - DoS vulnerability | 19.04.2010 | Alexandr Polyakov |
| Low | kadmind in older krb5 denial of service | 10.04.2010 | Tom Yu |
| High | Internet Explorer 8/7 Java Html Codes INJECTION | 06.03.2010 | 7H3_BoSs |
| High | VNC mode can crash QEMU | 26.10.2009 | Mark McLoughlin |
| High | linux kernel 2.6.27.21 and prior multiple vulnerabilities | 22.10.2009 | Josh Bressers |
| High | Xpdf - Integer overflow which causes heap overflow and NULL pointer dereference | 16.10.2009 | Adam Zabrocki |
| High | Security Notice for CA Anti-Virus Engine | 14.10.2009 | Williams, James K |
| High | AOL 9.1 SuperBuddy ActiveX Control SetSuperBuddy() remote code execution exploit | 13.10.2009 | nine:situations:group:... |
| Med. | Safari 3.2.3 (Win32) JavaScript (eval) Remote DoS Exploit | 23.09.2009 | Jeremy Brown |
| High | Windows Vista/2008 (SMB2.0) Remote Command Execution | 08.09.2009 | Laurent Gaffié |
| Med. | MS Internet Explorer (Javascript SetAttribute) Remote Crash Exploit | 02.09.2009 | Irfan Asrar |
| High | Borland VisiBroker Smart Agent <= 08.00.00.C1.03 Remote Heap Overflow Vulnerability | 31.08.2009 | Luigi Auriemma |
| High | LogMeIn Remote Access Utility ActiveX Memory Corruption | 27.08.2009 | Yag Kohha |
| Med. | DoS vulnerabilities in Mozilla Firefox, Internet Explorer and Chrome | 26.08.2009 | MustLive |
| Med. | Security Notice for CA Host-Based Intrusion Prevention System | 26.08.2009 | Kotas |
| Low | Failed assertion in the Unreal engine | 24.08.2009 | Luigi Auriemma |
| Med. | Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service | 20.08.2009 | Maksymilian Arciemowic... |
| High | AST-2009-005: Remote Crash Vulnerability in SIP channel driver | 14.08.2009 | Asterisk Security Team |
| High | OpenBSD 4.3 up to 4.5: PF null pointer dereference - remote DoS | 12.08.2009 | rembrandt |
| Med. | DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome | 26.07.2009 | MustLive |
| High | One bug to rule them all Firefox, IE, Safari, Opera, Chrome, Seamonkey | 26.07.2009 | Thierry Zoller |
| Low | Apache (mod_deflate) Denial of Service Vulnerability | 12.07.2009 | François Guerraz |
| High | phion airlock Web Application Firewall: Remote DoS & Command Execution | 07.07.2009 | Kirchner Michael |
| Med. | Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability | 04.06.2009 | CORE Security Technolo... |
| Med. | Firefox (all?) Denial of Service through unclamped loop (SVG) | 02.06.2009 | Thierry Zoller |
| Med. | TYPSoft FTP Server 1.11 (ABORT) Remote DoS Exploit | 20.05.2009 | Jonathan Salwan |
| Med. | Google Chrome 1.0.154.53 (Null Pointer) Remote Crash | 05.05.2009 | Aditya K Sood |
| Med. | Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS | 05.04.2009 | mu-b |


CVEMAP Search Results

CVE
Details
Description
2019-09-04
Medium
CVE-2019-15921

Vendor: Linux
Software: Linux kernel
 

 
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.

 
2019-08-30
Medium
CVE-2019-12402

Vendor: Apache
Software: Commons compress
 

 
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.

 
High
CVE-2019-1967

Vendor: Cisco
Software: Nx-os
 

 
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload. Note: The NTP feature is enabled by default.

 
2019-08-29
High
CVE-2019-15807

Vendor: Linux
Software: Linux kernel
 

 
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

 
2019-08-28
Medium
CVE-2019-15753

Vendor: Openstack
Software: Os-vif
 

 
In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet flooding of non-local destinations, which both impedes network performance and allows users to possibly view the content of packets for instances belonging to other tenants sharing the same network. Only deployments using the linuxbridge backend are affected. This occurs in PyRoute2.add() in internal/command/ip/linux/impl_pyroute2.py.

 
2019-08-27
Medium
CVE-2019-15702

Vendor: Riot-os
Software: RIOT
 

 
In the TCP implementation (gnrc_tcp) in RIOT through 2019.07, the parser for TCP options does not terminate on all inputs, allowing a denial-of-service, because sys/net/gnrc/transport_layer/tcp/gnrc_tcp_option.c has an infinite loop for an unknown zero-length option.

 
2019-08-26
Medium
CVE-2019-15549

 

 
An issue was discovered in the asn1_der crate before 0.6.2 for Rust. Attackers can trigger memory exhaustion by supplying a large value in a length field.

 
Medium
CVE-2019-15542

Vendor: Ammonia project
Software: Ammonia
 

 
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization.

 
2019-08-25
High
CVE-2019-15538

Vendor: Linux
Software: Linux kernel
 

 
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.

 
2019-08-15
Low
CVE-2017-14232

Vendor: FLIF
Software: FLIF
 

 
The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file.

 

 


Copyright 2019, cxsecurity.com

 
