Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-399
Total 2596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4191 1 Cisco 1 Ios Xr 2016-12-28 5.0 MEDIUM N/A
Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565.
CVE-2015-4230 1 Cisco 1 Headend System Release 2016-12-28 7.8 HIGH N/A
Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91854.
CVE-2015-4239 1 Cisco 1 Adaptive Security Appliance Software 2016-12-28 6.1 MEDIUM N/A
Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220.
CVE-2015-4269 1 Cisco 1 Unified Communications Manager 2016-12-28 4.0 MEDIUM N/A
The Tomcat throttling feature in Cisco Unified Communications Manager 10.5(1.99995.9) allows remote authenticated users to cause a denial of service (management outage) by sending many requests, aka Bug ID CSCuu99709.
CVE-2015-4301 1 Cisco 7 Nexus 93120tx, Nexus 93128tx, Nexus 9332pq and 4 more 2016-12-28 6.8 MEDIUM N/A
Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.
CVE-2015-1868 2 Fedoraproject, Powerdns 3 Fedora, Authoritative, Recursor 2016-12-27 7.8 HIGH N/A
The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.
CVE-2015-5964 3 Canonical, Djangoproject, Oracle 3 Ubuntu Linux, Django, Solaris 2016-12-23 5.0 MEDIUM N/A
The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.
CVE-2016-6881 1 Ffmpeg 1 Ffmpeg 2016-12-23 4.3 MEDIUM 5.5 MEDIUM
The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file.
CVE-2016-9561 1 Ffmpeg 1 Ffmpeg 2016-12-23 4.3 MEDIUM 5.5 MEDIUM
The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a crafted MOV file.
CVE-2015-6994 1 Apple 2 Iphone Os, Mac Os X 2016-12-23 7.1 HIGH N/A
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app.
CVE-2016-8826 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Gpu Driver 2016-12-22 4.9 MEDIUM 5.5 MEDIUM
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) where a user can cause a GPU interrupt storm, leading to a denial of service.
CVE-2016-9198 1 Cisco 1 Identity Services Engine 2016-12-22 5.0 MEDIUM 7.5 HIGH
A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. More Information: CSCuw15041. Known Affected Releases: 1.2(1.199).
CVE-2015-1227 1 Google 1 Chrome 2016-12-21 7.5 HIGH N/A
The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which the default orientation cannot be used.
CVE-2015-2013 1 Ibm 1 Websphere Mq 2016-12-21 5.0 MEDIUM N/A
IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to cause a denial of service (channel-agent abend and process outage) via a crafted selection string in an MQI call.
CVE-2015-1943 1 Ibm 1 Websphere Portal 2016-12-21 7.8 HIGH N/A
IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.
CVE-2015-1228 3 Canonical, Google, Redhat 6 Ubuntu Linux, Chrome, Enterprise Linux Desktop Supplementary and 3 more 2016-12-21 7.5 HIGH N/A
The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted Cascading Style Sheets (CSS) token sequence.
CVE-2015-0221 2 Canonical, Djangoproject 2 Ubuntu Linux, Django 2016-12-21 5.0 MEDIUM N/A
The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file.
CVE-2006-0081 1 Intel 1 Graphics Accelerator Driver 2016-12-19 7.8 HIGH N/A
ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title.
CVE-2016-9633 1 W3m Project 1 W3m 2016-12-13 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
CVE-2015-6302 1 Cisco 1 Wireless Lan Controller Software 2016-12-12 5.0 MEDIUM N/A
The RADIUS functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.0(250.0) and 7.0(252.0) allows remote attackers to disconnect arbitrary sessions via crafted Disconnect-Request UDP packets, aka Bug ID CSCuw29419.