CWE:
 

Topic
Date
Author
Low
Linkedin iOS 9.11.8592.4 CPU Resource Exhaustion
03.08.2018
Juan Sacco
Med.
Asterisk 13.17.2dfsg-2 Memory Exhaustion
30.11.2017
Juan Sacco
Med.
Apple macOS 10.12.2 Safari SSL handshake MiTM Memory Exhaustion
14.12.2016
Maksymilian Arciemowic...
Med.
Apache HTTPD Web Server 2.4.23 Memory Exhaustion
06.12.2016
Naveen Tiwari
Med.
MacOS X 10.11 hardlink bomb cause resource exhaustion (Avast PoC)
25.10.2015
Maksymilian Arciemowic...
Med.
Bash 4.3 uncontrolled resources exhaustion
26.04.2015
Maksymilian Arciemowic...
High
Drupal 7.34 Memory Exhaustion
02.12.2014
Javer Nieto and Andres...
Med.
C++11 <regex> insecure by default
31.07.2014
Maksymilian Arciemowic...
Med.
MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service
13.03.2014
Maksymilian Arciemowic...
Med.
Microsoft Windows 8.1 XMLDOM XML Injection Vulnerability
27.02.2014
soroush
Med.
lighttpd multiple issues (setuid unchecked; FAM read after free)
13.11.2013
Stefan Buhler
Med.
Real Player 16.0.2.32 Resource Exhaustion
03.07.2013
Akshaysinh Vaghela
High
3S CODESYS Gateway 2.3.9.27 Gateway Use After Free
28.05.2013
USCERT
Med.
python backports ssl_match_hostname Resource Exhaustion 0day
15.05.2013
Florian Weimer
Med.
MacOSX 10.10.5 ftpd Resource Exhaustion (APPLE-SA-2015-09-30-3) *youtube
10.04.2013
Maksymilian Arciemowic...
Med.
Cisco Firewall Services Module Software Multiple Vulnerabilities
10.04.2013
Cisco
Med.
easyftpsvr-1.7.0.2 Resource Exhaustion
06.04.2013
AkaStep
Med.
BIND 9 Memory Exhaustion
28.03.2013
Matthew Horsfall
Med.
FreeBSD 9.1 ftpd Remote Denial of Service
01.02.2013
Maksymilian Arciemowic...
Med.
FreeBSD/GNU ftpd remote denial of service exploit
31.01.2013
DevilTeam
Low
linux kernel Btrfs CRC32C infinite loop and privilege boundaries
14.12.2012
Pascal Junod
Med.
Splunk 4.3.x Denial Of Service
03.11.2012
nruns
High
Mozilla Firefox nsHTMLSelectElement Remote Code Execution
04.08.2012
regenrecht
Med.
FileZilla Server version 0.9.41 beta Remote DOS (CPU exhaustion) POC
12.07.2012
coolkaveh
Med.
Microsoft IIS 6, 7.5 FTP Server Remote Denial Of Service
04.07.2012
coolkaveh
Low
WordPress DoS Vulnerability
16.04.2012
MustLive
Med.
PHP 5.4/5.3 deprecated eregi() memory_limit bypass
30.03.2012
Maksymilian Arciemowic...
Med.
PHP 5.4 5.3 memory_limit bypass poc
30.03.2012
Maksymilian Arciemowic...
Med.
PHP 5.4.0 remote memory exhaustion
26.03.2012
ls
Low
Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit
23.03.2012
Gjoko 'LiquidWorm' Krs...
Med.
PHP 5.3.8 Hashtables Proof Of Concept
02.01.2012
me
High
MS11-064 TCP/IP Stack Denial of Service
23.10.2011
Byoungyoung Lee
Med.
IceWarp Mail Server 10.3.2 Multiple Vulnerabilities
04.10.2011
David Kirkpatrick of T...
Med.
Palm Pre WebOS version <= 1.1 Floating Point Exception
17.09.2011
PalmPreHacker
Low
Wireshark 1.6.1 Malformed IKE Packet Denial of Service
26.08.2011
nipc
Med.
PHP 5.3.6 ZipArchive invalid use glob(3)
19.08.2011
Maksymilian Arciemowic...
High
Mozilla Firefox 3.6.16 mChannel Object Use After Free Exploit (Win7)
16.08.2011
mr_me
High
Mozilla Firefox 3.6.16 mChannel use after free vulnerability
12.08.2011
metasploit
High
Firefox 3.6.16 OBJECT mChannel Remote Code Execution Exploit (DEP bypass)
08.08.2011
Rh0[at]z1p.biz
Med.
Arbitrary files deletion in Novell File Reporter 1.0.4.2
19.07.2011
Luigi Auriemma
Med.
Post Revolution 0.8.0c Multiple Remote Vulnerabilities
09.06.2011
Javier Bassi
Med.
Multiple Vendors libc/fnmatch(3) DoS (incl apache poc)
13.05.2011
Maksymilian Arciemowic...
High
Android 2.0 ,2.1, 2.1.1 WebKit Use-After-Free Exploit
15.03.2011
MJ Keith
High
*bsd libc/glob resource exhaustion (ftpd exploit)
04.03.2011
Maksymilian Arciemowic...
Med.
vsftpd 2.3.2 remote denial-of-service
01.03.2011
Maksymilian Arciemowic...
High
Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi
21.02.2011
VMware Security Team
Med.
Apache Tomcat DoS Vulnerability
14.02.2011
Tomcat security team
Med.
Wireshark ZigBee ZCL Dissector Infinite Loop Denial of Service
15.01.2011
Fred Fierling
High
Multiple Vendors (Internet Explorer, Mozilla etc) remote code execution
12.01.2011
Michal Zalewski
Med.
GNU libc/regcomp(3) Multiple Vulnerabilities
07.01.2011
Maksymilian Arciemowic...
High
linux 2.6.37rc5 econet AUN-over-UDP receive NULL dereference
01.01.2011
Nelson Elhage
Low
Linux Kernel 2.6.35.9 'setup_arg_pages()' Denial of Service Vulnerability
02.12.2010
Roland McGrath
Low
Linux Kernel 2.6.37:rc2 Unix Sockets Local Denial of Service
02.12.2010
Key Night
Med.
OpenTTD Client Disconnection Handling Use-after-free Vulnerability
25.11.2010
Vulnerability reported...
Low
Linux Kernel 'perf_event_mmap()' Local Denial of Service Vulnerability
25.11.2010
Dave Jones
High
Camtron CMNC-200 IP Camera Denial of Service Vulnerability
18.11.2010
Trustwave's SpiderLabs
Med.
IBM OmniFind Crawler Denial of Service Vulnerability
15.11.2010
Fatih Kilic
High
Internet Explorer 6, 7, 8 Memory Corruption 0day Exploit
12.11.2010
Matteo Memelli
High
Internet Explorer Memory Corruption 0day Vulnerability
12.11.2010
unknown
High
Internet Explorer Memory Corruption 0day Vulnerability
09.11.2010
unknown
Med.
IBM solidDB <= 6.5.0.3 Denial of Service Vulnerability
27.10.2010
null
High
Multiple Vendors libc/glob(3) remote ftpd resource exhaustion
07.10.2010
Maksymilian Arciemowic...
High
Adobe Acrobat Reader and Flash 'newfunction' Remote Code Execution Vulnerability
28.09.2010
Abysssec
Med.
FreeType 2.4.1 Memory corruption flaw by processing certain
22.08.2010
Jan Lieskovsky
Med.
FreeType 2.4.1 Memory corruption
22.08.2010
Robert Swiecki
High
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050)
20.08.2010
Piotr Bania
Med.
Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
18.08.2010
Tavis Ormandy
Med.
cabextract -- 1, Infinite loop in MS-ZIP
10.08.2010
Jan Lieskovsky
Med.
Firefox, Internet Explorer, Chrome and Opera DoS vulnerabilities
03.06.2010
MustLive
Med.
Firefox, Internet Explorer, Chrome, Opera and other browsers DoS vulnerabilities
26.05.2010
MustLive
Med.
Firefox 3.6.3 (latest) <= memory exhaustion crash vulnerabilities
25.05.2010
geinblues
Med.
Apache ActiveMQ 5.4.0 source code disclosure vulnerability
30.04.2010
Secpod
Med.
IBM BladeCenter Management Module - DoS vulnerability
19.04.2010
Alexandr Polyakov
Low
kadmind in older krb5 denial of service
10.04.2010
Tom Yu
High
Internet Explorer 8/7 Java Html Codes INJECTION
06.03.2010
7H3_BoSs
High
VNC mode can crash QEMU
26.10.2009
Mark McLoughlin
High
linux kernel 2.6.27.21 and prior multiple vulnerabilities
22.10.2009
Josh Bressers
High
Xpdf - Integer overflow which causes heap overflow and NULL pointer dereference
16.10.2009
Adam Zabrocki
High
Security Notice for CA Anti-Virus Engine
14.10.2009
Williams, James K
High
AOL 9.1 SuperBuddy ActiveX Control SetSuperBuddy() remote code execution exploit
13.10.2009
nine:situations:group:...
Med.
Safari 3.2.3 (Win32) JavaScript (eval) Remote DoS Exploit
23.09.2009
Jeremy Brown
High
Windows Vista/2008 (SMB2.0) Remote Command Execution
08.09.2009
Laurent Gaffié
Med.
MS Internet Explorer (Javascript SetAttribute) Remote Crash Exploit
02.09.2009
Irfan Asrar
High
Borland VisiBroker Smart Agent <= 08.00.00.C1.03 Remote Heap Overflow Vulnerability
31.08.2009
Luigi Auriemma
High
LogMeIn Remote Access Utility ActiveX Memory Corruption
27.08.2009
Yag Kohha
Med.
DoS vulnerabilities in Mozilla Firefox, Internet Explorer and Chrome
26.08.2009
MustLive
Med.
Security Notice for CA Host-Based Intrusion Prevention System
26.08.2009
Kotas
Low
Failed assertion in the Unreal engine
24.08.2009
Luigi Auriemma
Med.
Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service
20.08.2009
Maksymilian Arciemowic...
High
AST-2009-005: Remote Crash Vulnerability in SIP channel driver
14.08.2009
Asterisk Security Team
High
OpenBSD 4.3 up to 4.5: PF null pointer dereference - remote DoS
12.08.2009
rembrandt
Med.
DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome
26.07.2009
MustLive
High
One bug to rule them all Firefox, IE, Safari, Opera, Chrome, Seamonkey
26.07.2009
Thierry Zoller
Low
Apache (mod_deflate) Denial of Service Vulnerability
12.07.2009
François Guerraz
High
phion airlock Web Application Firewall: Remote DoS & Command Execution
07.07.2009
Kirchner Michael
Med.
Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability
04.06.2009
CORE Security Technolo...
Med.
Firefox (all?) Denial of Service through unclamped loop (SVG)
02.06.2009
Thierry Zoller
Med.
TYPSoft FTP Server 1.11 (ABORT) Remote DoS Exploit
20.05.2009
Jonathan Salwan
Med.
Google Chrome 1.0.154.53 (Null Pointer) Remote Crash
05.05.2009
Aditya K Sood
Med.
Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS
05.04.2009
mu-b


CVEMAP Search Results

CVE
Details
Description
2018-11-02
Low
CVE-2018-18897

Vendor: Freedesktop
Software: Poppler
 

 
An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

 
2018-10-25
Low
CVE-2018-18651

Vendor: Xpdfreader
Software: XPDF
 

 
An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file.

 
2018-10-20
Low
CVE-2018-18544

Vendor: Imagemagick
Software: Imagemagick
 

 
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.

 
2018-10-18
Low
CVE-2018-18482

Vendor: Libpg query project
Software: Libpg query
 

 
An issue was discovered in libpg_query 10-1.0.2. There is a memory leak in pg_query_raw_parse in pg_query_parse.c, which might lead to a denial of service.

 
2018-10-17
Low
CVE-2018-18443

Vendor: ILM
Software: Openexr
 

 
OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview.

 
2018-10-12
High
CVE-2018-18226

Vendor: Wireshark
Software: Wireshark
 

 
In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.

 
2018-10-10
Low
CVE-2018-15311

Vendor: F5
Software: Big-ip acces...
 

 
When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.5.1-11.5.6 is processing specially crafted TCP traffic with the Large Receive Offload (LRO) feature enabled, TMM may crash, leading to a failover event. This vulnerability is not exposed unless LRO is enabled, so most affected customers will be on 13.1.x. LRO has been available since 11.4.0 but is not enabled by default until 13.1.0.

 
2018-10-05
Medium
CVE-2018-1647

Vendor: IBM
Software: Qradar incid...
 

 
IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict the size or amount of resources requested which could allow an unauthenticated user to cause a denial of service. IBM X-Force ID: 144650.

 
Low
CVE-2018-0457

Vendor: Cisco
Software: Webex meetin...
 

 
A vulnerability in the Cisco Webex Player for Webex Recording Format (WRF) files could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a user a link or email attachment with a malicious WRF file and persuading the user to open the file in the Cisco Webex Player. A successful exploit could cause the affected player to crash, resulting in a DoS condition. For more information about this vulnerability, see the Details section of this security advisory.

 
High
CVE-2018-0470

Vendor: Cisco
Software: Ios xe
 

 
A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed HTTP packets that are destined to a device. An attacker could exploit this vulnerability by sending a malformed HTTP packet to an affected device for processing. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected device, resulting in a DoS condition.

 

 


Copyright 2018, cxsecurity.com

 
