Export limit exceeded: 356035 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3944 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-8779 | 4 Libtirpc Project, Ntirpc Project, Redhat and 1 more | 6 Libtirpc, Ntirpc, Ceph Storage and 3 more | 2025-04-20 | N/A |
| rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. | ||||
| CVE-2017-8804 | 1 Gnu | 1 Glibc | 2025-04-20 | N/A |
| The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references | ||||
| CVE-2017-9627 | 1 Schneider-electric | 1 Wonderware Archestra Logger | 2025-04-20 | 8.6 High |
| An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service. | ||||
| CVE-2017-12692 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | N/A |
| The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file. | ||||
| CVE-2017-11170 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file. | ||||
| CVE-2017-12693 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | N/A |
| The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file. | ||||
| CVE-2017-14108 | 1 Gnome | 1 Gedit | 2025-04-20 | N/A |
| libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to cause a denial of service (CPU consumption) via a file that begins with many '\0' characters. | ||||
| CVE-2017-11142 | 1 Php | 1 Php | 2025-04-20 | N/A |
| In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c. | ||||
| CVE-2017-11141 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call. | ||||
| CVE-2017-11140 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | N/A |
| The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. | ||||
| CVE-2017-14137 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
| ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header. | ||||
| CVE-2017-1000378 | 1 Netbsd | 1 Netbsd | 2025-04-20 | N/A |
| The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions. | ||||
| CVE-2015-2313 | 1 Capnproto | 1 Capnproto | 2025-04-20 | N/A |
| Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-2312. | ||||
| CVE-2017-10922 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3. | ||||
| CVE-2015-3248 | 2 Openhpi, Redhat | 2 Openhpi, Enterprise Linux | 2025-04-20 | N/A |
| openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi directory, which allows local users, when quotas are not properly setup, to fill the filesystem hosting /var/lib and cause a denial of service (disk consumption). | ||||
| CVE-2016-9310 | 2 Ntp, Redhat | 2 Ntp, Enterprise Linux | 2025-04-20 | N/A |
| The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet. | ||||
| CVE-2016-8610 | 7 Debian, Fujitsu, Netapp and 4 more | 55 Debian Linux, M10-1, M10-1 Firmware and 52 more | 2025-04-20 | 7.5 High |
| A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. | ||||
| CVE-2015-7384 | 1 Nodejs | 1 Node.js | 2025-04-20 | N/A |
| Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service. | ||||
| CVE-2016-6831 | 1 Call-cc | 1 Chicken | 2025-04-20 | N/A |
| The "process-execute" and "process-spawn" procedures did not free memory correctly when the execve() call failed, resulting in a memory leak. This could be abused by an attacker to cause resource exhaustion or a denial of service. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released). | ||||
| CVE-2016-6312 | 1 Redhat | 1 Enterprise Linux | 2025-04-20 | N/A |
| The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red Hat Enterprise Linux 5.11 does not properly detect recursion during entity expansion, which allows remote authenticated users with access to the webdav repository to cause a denial of service (memory consumption and httpd crash). NOTE: Exists as a regression to CVE-2009-1955. | ||||