Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
ZyXEL P-660HW UDP fragmentation Denial of Service
12.01.2018
Hosein Askari
Med.
ZyXEL TTL Expiry Denial of Service
25.12.2017
Hosein Askari
Low
Android Private Internet Access Denial Of Service
30.10.2017
nightwatchcybersecurit...
Low
libgedit.a mishandling NUL Blocks in gedit(GNOME text editor)
02.09.2017
Hosein Askari
Low
Trihedral VTScada DoS / XSS / Information Disclosure
01.07.2017
Karn Ganeshen
Med.
MikroTik UDP Flood Denial of Service
10.05.2017
Hosein Askari
Med.
BackBox OS Denial Of Service(CPU Consumption)
01.04.2017
Hosein Askari(FarazPaj...
Med.
MikroTik RouterBoard V-6.38.5 Denial Of Service | CPU Consumption
28.03.2017
Hosein Askari (FarazPa...
Med.
Android Qualcomm GPS/GNSS Man-In-The-Middle
12.10.2016
Yakov Shafranovich
Low
Open-Xchange App Suite 7.8.1 Information Disclosure
23.06.2016
Martin Heiland
Med.
SAP Afaria 7 XcListener DoS in the module XeClient.Dll
19.06.2015
Vahagn Vardanyan
Med.
XMPP-Layer Compression Uncontrolled Resource Consumption
06.04.2014
Giancarlo Pellegrino
Low
Guitar Pro 6.1.1 r10791 (.gpx) Denial of Service Exploit
06.05.2012
condis
CVEMAP Search Results
CVE
Details
Description
2018-11-15
High
CVE-2018-0700
Vendor:
Hyuki
Software:
Yukiwiki
YukiWiki 2.1.3 and earlier does not process a particular request properly that may allow consumption of large amounts of CPU and memory resources and may result in causing a denial of service condition.
2018-11-07
High
CVE-2018-16844
Vendor:
Nginx
Software:
Nginx
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.
High
CVE-2018-16843
Vendor:
Nginx
Software:
Nginx
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.
2018-11-06
Medium
CVE-2018-9444
Vendor:
Google
Software:
Android
In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite loop. This could lead to remote temporary device denial of service (remote hang or reboot) with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android ID: A-63521984.
2018-11-03
Low
CVE-2018-18915
Vendor:
Exiv2
Software:
Exiv2
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack.
2018-11-02
Medium
CVE-2018-3935
Vendor:
Yitechnology
Software:
Yi home
An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability.
2018-10-31
Low
CVE-2018-14659
Vendor:
Redhat
Software:
Gluster storage
The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly calling 'setxattr(2)' to trigger a state dump and create an arbitrary number of files in the server's runtime directory.
Medium
CVE-2018-18853
Vendor:
Lightbend
Software:
Spray-json
Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of a field composed of many decimal digits.
Medium
CVE-2018-18854
Vendor:
Lightbend
Software:
Spray-json
Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of many JSON object fields (with keys that have the same hash code).
Low
CVE-2018-15325
Vendor:
F5
Software:
Big-ip acces...
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands
Copyright
2018
, cxsecurity.com
Back to Top
