Total
2596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6432 | 1 Wireshark | 1 Wireshark | 2014-11-05 | 5.0 MEDIUM | N/A |
| The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | |||||
| CVE-2014-6426 | 1 Wireshark | 1 Wireshark | 2014-11-05 | 5.0 MEDIUM | N/A |
| The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP dissector in Wireshark 1.12.x before 1.12.1 does not properly handle a NULL tree, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | |||||
| CVE-2014-6418 | 1 Linux | 1 Linux Kernel | 2014-10-24 | 7.1 HIGH | N/A |
| net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor. | |||||
| CVE-2014-8325 | 1 Calender Base Project | 1 Calender Base | 2014-10-23 | 7.8 HIGH | N/A |
| The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 for TYPO3 allows remote attackers to cause a denial of service (resource consumption) via vectors related to the PHP PCRE library. | |||||
| CVE-2014-5425 | 1 Ioserver | 1 Ioserver | 2014-10-22 | 5.0 MEDIUM | N/A |
| IOServer before Beta2112.exe allows remote attackers to cause a denial of service (out-of-bounds read and master entry consumption) via a null DNP3 header. | |||||
| CVE-2014-5328 | 1 Huawei | 2 E5332, E5332 Firmware | 2014-10-15 | 6.8 MEDIUM | N/A |
| Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long parameter in an API service request message. | |||||
| CVE-2014-5327 | 1 Huawei | 2 E5332, E5332 Firmware | 2014-10-15 | 6.8 MEDIUM | N/A |
| Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long URI. | |||||
| CVE-2014-3388 | 1 Cisco | 1 Asa | 2014-10-12 | 7.8 HIGH | N/A |
| The DNS inspection engine in Cisco ASA Software 9.0 before 9.0(4.13), 9.1 before 9.1(5.7), and 9.2 before 9.2(2) allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCuo68327. | |||||
| CVE-2014-3386 | 1 Cisco | 1 Asa | 2014-10-12 | 7.8 HIGH | N/A |
| The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Software 8.2 before 8.2(5.51), 8.4 before 8.4(7.15), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted series of GTP packets, aka Bug ID CSCum56399. | |||||
| CVE-2014-3387 | 1 Cisco | 1 Asa | 2014-10-12 | 7.8 HIGH | N/A |
| The SunRPC inspection engine in Cisco ASA Software 7.2 before 7.2(5.14), 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.5 before 8.5(1.21), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.5), and 9.1 before 9.1(5.3) allows remote attackers to cause a denial of service (device reload) via crafted SunRPC packets, aka Bug ID CSCun11074. | |||||
| CVE-2014-3384 | 1 Cisco | 1 Asa | 2014-10-12 | 7.8 HIGH | N/A |
| The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted packet that is sent during tunnel creation, aka Bug ID CSCum96401. | |||||
| CVE-2014-5410 | 1 Rockwellautomation | 1 Ab Micrologix Controller | 2014-10-06 | 7.1 HIGH | N/A |
| The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line. | |||||
| CVE-2012-5506 | 1 Plone | 1 Plone | 2014-10-02 | 5.0 MEDIUM | N/A |
| python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access. | |||||
| CVE-2012-5496 | 1 Plone | 1 Plone | 2014-10-02 | 5.0 MEDIUM | N/A |
| kupu_spellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service (ZServer thread lock) via a crafted URL. | |||||
| CVE-2010-4755 | 3 Freebsd, Netbsd, Openbsd | 4 Freebsd, Netbsd, Openbsd and 1 more | 2014-08-08 | 4.0 MEDIUM | N/A |
| The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632. | |||||
| CVE-2014-2842 | 1 Juniper | 1 Screenos | 2014-07-17 | 7.8 HIGH | N/A |
| Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet. | |||||
| CVE-2013-4599 | 1 Misery Project | 1 Misery | 2014-06-25 | 4.3 MEDIUM | N/A |
| The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 for Drupal, when the "delay misery" configuration is set to a high value, allows remote attackers to cause a denial of service (process consumption) via multiple requests. | |||||
| CVE-2013-2564 | 1 Mambo-foundation | 1 Mambo Cms | 2014-06-24 | 5.0 MEDIUM | N/A |
| Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file. | |||||
| CVE-2012-2027 | 1 Adobe | 3 Photoshop, Photoshop Cs4, Photoshop Cs5.5 | 2014-06-20 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file. | |||||
| CVE-2013-6413 | 1 Unrealircd | 1 Unrealircd | 2014-05-19 | 5.0 MEDIUM | N/A |
| Use-after-free vulnerability in UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due to different vulnerability types. CVE-2013-7384 was assigned for the NULL pointer dereference. | |||||