CWE:
 

Topic
Date
Author
Low
Android Private Internet Access Denial Of Service
30.10.2017
nightwatchcybersecurit...
Low
libgedit.a mishandling NUL Blocks in gedit(GNOME text editor)
02.09.2017
Hosein Askari
Low
Trihedral VTScada DoS / XSS / Information Disclosure
01.07.2017
Karn Ganeshen
Med.
MikroTik UDP Flood Denial of Service
10.05.2017
Hosein Askari
Med.
BackBox OS Denial Of Service(CPU Consumption)
01.04.2017
Hosein Askari(FarazPaj...
Med.
MikroTik RouterBoard V-6.38.5 Denial Of Service | CPU Consumption
28.03.2017
Hosein Askari (FarazPa...
Med.
Android Qualcomm GPS/GNSS Man-In-The-Middle
12.10.2016
Yakov Shafranovich
Low
Open-Xchange App Suite 7.8.1 Information Disclosure
23.06.2016
Martin Heiland
Med.
SAP Afaria 7 XcListener DoS in the module XeClient.Dll
19.06.2015
Vahagn Vardanyan
Med.
XMPP-Layer Compression Uncontrolled Resource Consumption
06.04.2014
Giancarlo Pellegrino
Low
Guitar Pro 6.1.1 r10791 (.gpx) Denial of Service Exploit
06.05.2012
condis


CVEMAP Search Results

CVE
Details
Description
2017-10-27
Low
CVE-2017-6161

Vendor: F5
Software: Big-ip acces...
 

 
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.

 
2017-10-26
Medium
CVE-2017-15882

Updating...
 

 
The London Trust Media Private Internet Access (PIA) application before 1.3.3.1 for Android allows remote attackers to cause a denial of service (application crash) via a large VPN server-list file.

 
2017-10-24
Medium
CVE-2017-15871

Vendor: Serialize-to-js project
Software: Serialize-to-js
 

 
** DISPUTED ** The deserialize function in serialize-to-js through 1.1.1 allows attackers to cause a denial of service via vectors involving an Immediately Invoked Function Expression "function()" substring, as demonstrated by a "function(){console.log(" call or a simple infinite loop. NOTE: the vendor agrees that denial of service can occur but notes that deserialize is explicitly listed as "harmful" within the README.md file.

 
2017-10-19
Medium
CVE-2017-12293

Vendor: Cisco
Software: Webex meetin...
 

 
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this vulnerability by opening multiple connections to the server and exhausting server resources. A successful exploit could cause the server to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf41006.

 
2017-10-18
Medium
CVE-2017-15595

Vendor: XEN
Software: XEN
 

 
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.

 
Medium
CVE-2017-15596

Vendor: XEN
Software: XEN
 

 
An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error.

 
Low
CVE-2014-7813

Vendor: Redhat
Software: Cloudforms 3...
 

 
Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack of garbage collection of inserted symbols.

 
2017-10-10
Medium
CVE-2015-7384

Vendor: Nodejs
Software: Node.js
 

 
Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.

 
2017-09-20
High
CVE-2017-14339

Vendor: Yadifa
Software: Yadifa
 

 
The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite loop. This can cause high CPU usage and makes the server unresponsive.

 
2017-04-09
Low
CVE-2017-7594

Vendor: Libtiff
Software: Libtiff
 

 
The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.

 

 


Copyright 2017, cxsecurity.com

 

Back to Top