Total
2596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5330 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2021-04-07 | 10.0 HIGH | N/A |
| The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers. | |||||
| CVE-2007-5332 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2021-04-07 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption. | |||||
| CVE-2012-1148 | 2 Apple, Libexpat Project | 2 Mac Os X, Libexpat | 2021-01-25 | 5.0 MEDIUM | N/A |
| Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. | |||||
| CVE-2015-8345 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-12-14 | 2.1 LOW | 6.5 MEDIUM |
| The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | |||||
| CVE-2015-0217 | 1 Moodle | 1 Moodle | 2020-12-01 | 6.8 MEDIUM | N/A |
| filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression. | |||||
| CVE-2014-7847 | 1 Moodle | 1 Moodle | 2020-12-01 | 5.0 MEDIUM | N/A |
| iplookup/index.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote attackers to cause a denial of service (resource consumption) by triggering the calculation of an estimated latitude and longitude for an IP address. | |||||
| CVE-2015-2268 | 1 Moodle | 1 Moodle | 2020-12-01 | 6.8 MEDIUM | N/A |
| filter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression. | |||||
| CVE-2015-5332 | 1 Moodle | 1 Moodle | 2020-12-01 | 7.1 HIGH | 6.8 MEDIUM |
| Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosave feature. | |||||
| CVE-2003-1342 | 2 Microsoft, Trend Micro | 2 Internet Information Server, Virus Control System | 2020-11-23 | 5.0 MEDIUM | N/A |
| Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. | |||||
| CVE-2015-8959 | 1 Imagemagick | 1 Imagemagick | 2020-11-16 | 7.1 HIGH | 6.5 MEDIUM |
| coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file. | |||||
| CVE-2016-7907 | 1 Qemu | 1 Qemu | 2020-11-10 | 2.1 LOW | 4.4 MEDIUM |
| The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags. | |||||
| CVE-2008-3912 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2020-11-08 | 5.0 MEDIUM | N/A |
| libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition. | |||||
| CVE-2009-3616 | 1 Qemu | 1 Qemu | 2020-11-02 | 8.5 HIGH | N/A |
| Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to execute arbitrary code on the host OS by establishing a connection from a VNC client and then (1) disconnecting during data transfer, (2) sending a message using incorrect integer data types, or (3) using the Fuzzy Screen Mode protocol, related to double free vulnerabilities. | |||||
| CVE-2008-2382 | 2 Kvm Qumranet, Qemu | 2 Kvm, Qemu | 2020-11-02 | 5.0 MEDIUM | N/A |
| The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message. | |||||
| CVE-2015-1832 | 1 Apache | 1 Derby | 2020-10-20 | 6.4 MEDIUM | 9.1 CRITICAL |
| XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML datatype. | |||||
| CVE-2016-6386 | 1 Cisco | 6 Ios Xe, Ios Xe 16.1, Ios Xe 3.2ja and 3 more | 2020-09-29 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit platforms allows remote attackers to cause a denial of service (data-structure corruption and device reload) via fragmented IPv4 packets, aka Bug ID CSCux66005. | |||||
| CVE-2016-6381 | 1 Cisco | 6 Ios, Ios Xe, Ios Xe 16.1 and 3 more | 2020-09-29 | 7.1 HIGH | 7.5 HIGH |
| Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service (memory consumption or device reload) via fragmented IKEv1 packets, aka Bug ID CSCuy47382. | |||||
| CVE-2012-4775 | 1 Microsoft | 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more | 2020-09-28 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability." | |||||
| CVE-2012-4782 | 1 Microsoft | 7 Internet Explorer, Windows 7, Windows 8 and 4 more | 2020-09-28 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability." | |||||
| CVE-2012-4787 | 1 Microsoft | 7 Internet Explorer, Windows 7, Windows 8 and 4 more | 2020-09-28 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability." | |||||