Total
2705 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-7841 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-12 | N/A |
| The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk. | ||||
| CVE-2014-7900 | 1 Google | 1 Chrome | 2025-04-12 | N/A |
| Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. | ||||
| CVE-2014-8628 | 1 Polarssl | 1 Polarssl | 2025-04-12 | N/A |
| Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted X.509 certificates. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2014-9744 for the ClientHello message issue. | ||||
| CVE-2015-0030 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CVE-2015-0031, CVE-2015-0036, and CVE-2015-0041. | ||||
| CVE-2014-0474 | 3 Canonical, Djangoproject, Redhat | 3 Ubuntu Linux, Django, Openstack | 2025-04-12 | N/A |
| The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting." | ||||
| CVE-2014-8325 | 1 Calender Base Project | 1 Calender Base | 2025-04-12 | N/A |
| The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 for TYPO3 allows remote attackers to cause a denial of service (resource consumption) via vectors related to the PHP PCRE library. | ||||
| CVE-2014-3584 | 2 Apache, Redhat | 2 Cxf, Jboss Fuse | 2025-04-12 | N/A |
| The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service. | ||||
| CVE-2014-8901 | 1 Ibm | 1 Db2 | 2025-04-12 | N/A |
| IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query. | ||||
| CVE-2014-8927 | 1 Ibm | 3 Endpoint Manager Family, License Metric Tool, Tivoli Asset Discovery For Distributed | 2025-04-12 | N/A |
| Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8926. | ||||
| CVE-2014-9191 | 1 Codewrights | 1 Hart Device Type Manager | 2025-04-12 | N/A |
| The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang) by transmitting crafted response packets on the 4-20 mA current loop. | ||||
| CVE-2015-0132 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2025-04-12 | N/A |
| The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | ||||
| CVE-2014-3638 | 3 D-bus Project, Freedesktop, Opensuse | 3 D-bus, Dbus, Opensuse | 2025-04-12 | N/A |
| The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls. | ||||
| CVE-2015-0018 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0037, CVE-2015-0040, and CVE-2015-0066. | ||||
| CVE-2016-4423 | 2 Debian, Sensiolabs | 2 Debian Linux, Symfony | 2025-04-12 | N/A |
| The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username stored in a session, which allows remote attackers to cause a denial of service (session storage consumption) via a series of authentication attempts with long, non-existent usernames. | ||||
| CVE-2015-4105 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations. | ||||
| CVE-2016-5435 | 1 Huawei | 10 Huawei Firmware, Ips Module, Ngfw Module and 7 more | 2025-04-12 | N/A |
| Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause a denial of service (memory consumption and reboot) via a crafted packet. | ||||
| CVE-2015-0593 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| The Zone-Based Firewall implementation in Cisco IOS 12.4(122)T and earlier does not properly manage session-object structures, which allows remote attackers to cause a denial of service (device reload) via crafted network traffic, aka Bug ID CSCul65003. | ||||
| CVE-2015-0619 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| Memory leak in the embedded web server in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and SSL outage) via multiple crafted HTTP requests, aka Bug ID CSCue05458. | ||||
| CVE-2015-0708 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | N/A |
| Cisco IOS 15.4S, 15.4SN, and 15.5S and IOS XE 3.13S and 3.14S allow remote attackers to cause a denial of service (device crash) by including an IA_NA option in a DHCPv6 Solicit message on the local network, aka Bug ID CSCur29956. | ||||
| CVE-2014-3388 | 1 Cisco | 1 Asa | 2025-04-12 | N/A |
| The DNS inspection engine in Cisco ASA Software 9.0 before 9.0(4.13), 9.1 before 9.1(5.7), and 9.2 before 9.2(2) allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCuo68327. | ||||