CWE:
 

Tytuł
Data
Autor
Med.
ZyXEL P-660HW UDP fragmentation Denial of Service
12.01.2018
Hosein Askari
Med.
ZyXEL TTL Expiry Denial of Service
25.12.2017
Hosein Askari
Low
Android Private Internet Access Denial Of Service
30.10.2017
nightwatchcybersecurit...
Low
libgedit.a mishandling NUL Blocks in gedit(GNOME text editor)
02.09.2017
Hosein Askari
Low
Trihedral VTScada DoS / XSS / Information Disclosure
01.07.2017
Karn Ganeshen
Med.
MikroTik UDP Flood Denial of Service
10.05.2017
Hosein Askari
Med.
BackBox OS Denial Of Service(CPU Consumption)
01.04.2017
Hosein Askari(FarazPaj...
Med.
MikroTik RouterBoard V-6.38.5 Denial Of Service | CPU Consumption
28.03.2017
Hosein Askari (FarazPa...
Med.
Android Qualcomm GPS/GNSS Man-In-The-Middle
12.10.2016
Yakov Shafranovich
Low
Open-Xchange App Suite 7.8.1 Information Disclosure
23.06.2016
Martin Heiland
Med.
SAP Afaria 7 XcListener DoS in the module XeClient.Dll
19.06.2015
Vahagn Vardanyan
Med.
XMPP-Layer Compression Uncontrolled Resource Consumption
06.04.2014
Giancarlo Pellegrino
Low
Guitar Pro 6.1.1 r10791 (.gpx) Denial of Service Exploit
06.05.2012
condis


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2020-01-26
Low
CVE-2020-3131

Updating...
 

 
A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service (DoS) condition. The attacker needs a valid developer account to exploit this vulnerability. The vulnerability is due to insufficient input validation when processing received adaptive cards. The attacker could exploit this vulnerability by sending an adaptive card with malicious content to an existing user of the Cisco Webex Teams client for Windows. A successful exploit could allow the attacker to cause the targeted user's client to crash continuously. This vulnerability was introduced in Cisco Webex Teams client for Windows Release 3.0.13131.

 
Medium
CVE-2019-16022

Updating...
 

 
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.

 
Medium
CVE-2019-16020

Updating...
 

 
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.

 
2020-01-23
Medium
CVE-2008-7314

Vendor: MIRC
Software: MIRC
 

 
mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname.

 
Low
CVE-2013-4175

Vendor: Mysecureshell project
Software: Mysecureshell
 

 
MySecureShell 1.31 has a Local Denial of Service Vulnerability

 
High
CVE-2012-6083

Vendor: Freeciv
Software: Freeciv
 

 
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.

 
Medium
CVE-2015-5333

Vendor: Openbsd
Software: Libressl
 

 
Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.

 
2020-01-22
Low
CVE-2019-20395

Vendor: Cesnet
Software: Libyang
 

 
A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.

 
2020-01-15
Medium
CVE-2019-15961

Vendor: Clamav
Software: Clamav
 

 
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.

 
Medium
CVE-2020-1600

Vendor: Juniper
Software: Junos
 

 
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. This issue affects both SNMP over IPv4 and IPv6. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D90; 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D238, 15.1X53-D592; 16.1 versions prior to 16.1R7-S5; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R3-S2; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R3-S5; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2.

 

 


Copyright 2020, cxsecurity.com

 

Back to Top