Total
2596 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-1957 | 1 Strongswan | 1 Strongswan | 2009-10-13 | 5.0 MEDIUM | N/A |
charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request. | |||||
CVE-2009-1958 | 1 Strongswan | 1 Strongswan | 2009-10-13 | 5.0 MEDIUM | N/A |
charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector. | |||||
CVE-2009-3470 | 1 Ibm | 1 Informix Dynamic Server | 2009-10-02 | 5.0 MEDIUM | N/A |
IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 before 11.10.xC4, and 11.50 before 11.50.xC5 allows remote attackers to cause a denial of service (memory corruption, assertion failure, and daemon crash) by sending a long password over a JDBC connection. | |||||
CVE-2009-2815 | 1 Apple | 1 Iphone Os | 2009-09-23 | 7.8 HIGH | N/A |
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message. | |||||
CVE-2008-7201 | 1 Lantronix | 1 Mss485-t | 2009-09-16 | 7.8 HIGH | N/A |
Lantronix MSS485-T allows remote attackers to cause a denial of service (unstable performance and service loss) via certain vulnerability scans, as demonstrated using (1) Nessus and (2) nmap. | |||||
CVE-2009-3101 | 1 Sun | 2 Opensolaris, Solaris | 2009-09-08 | 4.9 MEDIUM | N/A |
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolaris snv_109 through snv_122, does not properly handle Trusted Extensions, which allows local users to cause a denial of service (CPU consumption and console hang) by locking the screen, related to a regression in certain Solaris and OpenSolaris patches. | |||||
CVE-2008-5102 | 1 Zope | 1 Zope | 2009-08-31 | 4.0 MEDIUM | N/A |
PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements. | |||||
CVE-2009-3000 | 1 Sun | 2 Opensolaris, Solaris | 2009-08-30 | 7.1 HIGH | N/A |
The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling." | |||||
CVE-2009-2858 | 1 Ibm | 1 Db2 | 2009-08-20 | 5.0 MEDIUM | N/A |
Memory leak in the Security component in IBM DB2 8.1 before FP18 on Unix platforms allows attackers to cause a denial of service (memory consumption) via unspecified vectors, related to private memory within the DB2 memory structure. | |||||
CVE-2008-6903 | 1 Sophos | 2 Anti-virus, Anti-virus7.6.3 | 2009-08-18 | 4.3 MEDIUM | N/A |
Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attackers to cause a denial of service (segmentation fault) via a "fuzzed" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats. | |||||
CVE-2009-1165 | 1 Cisco | 7 Catalyst 3750g, Cisco 1500 Wireless Lan Controller, Cisco 2000 Wireless Lan Controller and 4 more | 2009-08-06 | 7.8 HIGH | N/A |
Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789. | |||||
CVE-2009-1164 | 1 Cisco | 7 Catalyst 3750g, Cisco 1500 Wireless Lan Controller, Cisco 2000 Wireless Lan Controller and 4 more | 2009-08-06 | 7.8 HIGH | N/A |
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a malformed response to a (1) HTTP or (2) HTTPS authentication request, aka Bug ID CSCsx03715. | |||||
CVE-2009-2668 | 1 Microsoft | 1 Internet Explorer | 2009-08-05 | 7.8 HIGH | N/A |
Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16473 allows remote attackers to cause a denial of service (CPU consumption) via an XML document composed of a long series of start-tags with no corresponding end-tags, a related issue to CVE-2009-1232. | |||||
CVE-2009-2575 | 1 Rim | 1 Blackberry 8800 | 2009-07-22 | 7.1 HIGH | N/A |
The Research In Motion (RIM) BlackBerry 8800 allows remote attackers to cause a denial of service (memory consumption and browser crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | |||||
CVE-2009-2137 | 1 Sun | 2 Opensolaris, Solaris | 2009-07-01 | 7.8 HIGH | N/A |
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value. | |||||
CVE-2009-1163 | 1 Cisco | 1 Physical Access Gateway | 2009-07-01 | 7.8 HIGH | N/A |
Memory leak on the Cisco Physical Access Gateway with software before 1.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified TCP packets. | |||||
CVE-2009-0691 | 1 Foxitsoftware | 2 Foxit Reader, Jpeg2000 Jbig2 Decoder Add-on | 2009-06-25 | 9.3 HIGH | N/A |
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 (aka JPX) header, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an invalid memory access. | |||||
CVE-2009-2187 | 1 Sun | 2 Opensolaris, Solaris | 2009-06-24 | 4.9 MEDIUM | N/A |
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages. | |||||
CVE-2009-1086 | 1 Nlnetlabs | 1 Ldns | 2009-05-14 | 6.4 MEDIUM | N/A |
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field. | |||||
CVE-2009-0874 | 1 Sun | 2 Opensolaris, Solaris | 2009-04-01 | 4.9 MEDIUM | N/A |
Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. |