CWE:
 

Topic
Date
Author
Med.
ZyXEL P-660HW UDP fragmentation Denial of Service
12.01.2018
Hosein Askari
Med.
ZyXEL TTL Expiry Denial of Service
25.12.2017
Hosein Askari
Low
Android Private Internet Access Denial Of Service
30.10.2017
nightwatchcybersecurit...
Low
libgedit.a mishandling NUL Blocks in gedit(GNOME text editor)
02.09.2017
Hosein Askari
Low
Trihedral VTScada DoS / XSS / Information Disclosure
01.07.2017
Karn Ganeshen
Med.
MikroTik UDP Flood Denial of Service
10.05.2017
Hosein Askari
Med.
BackBox OS Denial Of Service(CPU Consumption)
01.04.2017
Hosein Askari(FarazPaj...
Med.
MikroTik RouterBoard V-6.38.5 Denial Of Service | CPU Consumption
28.03.2017
Hosein Askari (FarazPa...
Med.
Android Qualcomm GPS/GNSS Man-In-The-Middle
12.10.2016
Yakov Shafranovich
Low
Open-Xchange App Suite 7.8.1 Information Disclosure
23.06.2016
Martin Heiland
Med.
SAP Afaria 7 XcListener DoS in the module XeClient.Dll
19.06.2015
Vahagn Vardanyan
Med.
XMPP-Layer Compression Uncontrolled Resource Consumption
06.04.2014
Giancarlo Pellegrino
Low
Guitar Pro 6.1.1 r10791 (.gpx) Denial of Service Exploit
06.05.2012
condis


CVEMAP Search Results

CVE
Details
Description
2018-06-08
Low
CVE-2018-12066

Updating...
 

 
BIRD Internet Routing Daemon before 1.6.4 allows local users to cause a denial of service (stack consumption and daemon crash) via BGP mask expressions in birdc.

 
2018-06-06
Medium
CVE-2017-16138

Updating...
 

 
The mime module is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.

 
2018-06-04
Medium
CVE-2017-16021

Vendor: Uri-js project
Software: Uri-js
 

 
uri-js is a module that tries to fully implement RFC 3986. One of these features is validating whether or not a supplied URL is valid or not. To do this, uri-js uses a regular expression, This regular expression is vulnerable to redos. This causes the program to hang and the CPU to idle at 100% usage while uri-js is trying to validate if the supplied URL is valid or not. To check if you're vulnerable, look for a call to `require("uri-js").parse()` where a user is able to send their own input. This affects uri-js 2.1.1 and earlier.

 
2018-05-28
Low
CVE-2018-11507

Vendor: FLIF
Software: FLIF
 

 
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An attacker can trigger a long loop in image_load_pnm in image/image-pnm.cpp.

 
2018-05-25
High
CVE-2018-6237

Vendor: Trendmicro
Software: Smart protec...
 

 
A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote attacker to manipulate the product to send a large number of specially crafted HTTP requests to potentially cause the file system to fill up, eventually causing a denial of service (DoS) situation.

 
2018-05-18
Medium
CVE-2017-18273

Vendor: Imagemagick
Software: Imagemagick
 

 
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call.

 
Medium
CVE-2017-18271

Vendor: Imagemagick
Software: Imagemagick
 

 
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.

 
2018-05-11
Low
CVE-2016-8627

Vendor: Redhat
Software: Jboss enterp...
 

 
admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired.

 
2018-05-09
Medium
CVE-2018-10827

Vendor: Litecart
Software: Litecart
 

 
LiteCart before 2.1.2 allows remote attackers to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request.

 
2018-05-08
Low
CVE-2018-10805

Vendor: Imagemagick
Software: Imagemagick
 

 
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top