Total
2596 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-2292 | 1 Bitcoin | 3 Bitcoin-qt, Bitcoin Core, Bitcoind | 2020-03-18 | 7.8 HIGH | N/A |
bitcoind and Bitcoin-Qt 0.8.0 and earlier allow remote attackers to cause a denial of service (electricity consumption) by mining a block to create a nonstandard Bitcoin transaction containing multiple OP_CHECKSIG script opcodes. | |||||
CVE-2012-4684 | 1 Bitcoin | 4 Bitcoin-qt, Bitcoin Core, Bitcoind and 1 more | 2020-03-18 | 7.8 HIGH | N/A |
The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service (resource consumption) via a valid modified signature for a circulating alert. | |||||
CVE-2013-3220 | 1 Bitcoin | 4 Bitcoin-qt, Bitcoin Core, Bitcoind and 1 more | 2020-03-18 | 6.4 MEDIUM | N/A |
bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x before 0.6.5rc2, and 0.7.x before 0.7.3rc2, and wxBitcoin, do not properly consider whether a block's size could require an excessive number of database locks, which allows remote attackers to cause a denial of service (split) and enable certain double-spending capabilities via a large block that triggers incorrect Berkeley DB locking. | |||||
CVE-2013-2293 | 1 Bitcoin | 3 Bitcoin-qt, Bitcoin Core, Bitcoind | 2020-03-18 | 5.0 MEDIUM | N/A |
The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before 0.8.0rc1 copies transactions from disk to memory without incrementally checking for spent prevouts, which allows remote attackers to cause a denial of service (disk I/O consumption) via a Bitcoin transaction with many inputs corresponding to many different parts of the stored block chain. | |||||
CVE-2014-2256 | 1 Siemens | 6 Simatic S7 Cpu-1211c, Simatic S7 Cpu 1200 Firmware, Simatic S7 Cpu 1212c and 3 more | 2020-02-10 | 7.8 HIGH | N/A |
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets, a different vulnerability than CVE-2014-2257. | |||||
CVE-2014-2258 | 1 Siemens | 6 Simatic S7 Cpu-1211c, Simatic S7 Cpu 1200 Firmware, Simatic S7 Cpu 1212c and 3 more | 2020-02-10 | 7.8 HIGH | N/A |
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets, a different vulnerability than CVE-2014-2259. | |||||
CVE-2014-2254 | 1 Siemens | 6 Simatic S7 Cpu-1211c, Simatic S7 Cpu 1200 Firmware, Simatic S7 Cpu 1212c and 3 more | 2020-02-10 | 7.8 HIGH | N/A |
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets, a different vulnerability than CVE-2014-2255. | |||||
CVE-2014-2252 | 1 Siemens | 6 Simatic S7 Cpu-1211c, Simatic S7 Cpu 1200 Firmware, Simatic S7 Cpu 1212c and 3 more | 2020-02-10 | 6.1 MEDIUM | N/A |
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted PROFINET packets, a different vulnerability than CVE-2014-2253. | |||||
CVE-2016-3949 | 1 Siemens | 4 Simatic S7-300 With Profitnet Support, Simatic S7-300 With Profitnet Support Firmware, Simatic S7-300 Without Profitnet Support and 1 more | 2020-02-10 | 7.8 HIGH | 7.5 HIGH |
Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service (defect-mode transition) via crafted (1) ISO-TSAP or (2) Profibus packets. | |||||
CVE-2015-4238 | 1 Cisco | 1 Adaptive Security Appliance Software | 2020-01-21 | 6.8 MEDIUM | N/A |
The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4(7) and 8.6(1.2) allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests during a time of high network traffic, aka Bug ID CSCul02601. | |||||
CVE-2011-0284 | 1 Mit | 1 Kerberos 5 | 2020-01-21 | 7.6 HIGH | N/A |
Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data. | |||||
CVE-2006-3083 | 2 Heimdal, Mit | 2 Heimdal, Kerberos 5 | 2020-01-21 | 7.2 HIGH | N/A |
The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges using attacks such as resource exhaustion. | |||||
CVE-2010-1320 | 1 Mit | 1 Kerberos 5 | 2020-01-21 | 4.0 MEDIUM | N/A |
Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation. | |||||
CVE-2010-0629 | 1 Mit | 2 Kerberos, Kerberos 5 | 2020-01-21 | 4.0 MEDIUM | N/A |
Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | |||||
CVE-2015-3812 | 2 Oracle, Wireshark | 3 Linux, Solaris, Wireshark | 2019-12-27 | 7.8 HIGH | N/A |
Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. | |||||
CVE-2015-4024 | 5 Apple, Hp, Oracle and 2 more | 12 Mac Os X, System Management Homepage, Linux and 9 more | 2019-12-27 | 5.0 MEDIUM | N/A |
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome. | |||||
CVE-2015-1819 | 8 Apple, Canonical, Debian and 5 more | 12 Iphone Os, Mac Os X, Tvos and 9 more | 2019-12-27 | 5.0 MEDIUM | N/A |
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. | |||||
CVE-2016-7166 | 3 Libarchive, Oracle, Redhat | 9 Libarchive, Linux, Enterprise Linux Desktop and 6 more | 2019-12-27 | 4.3 MEDIUM | 5.5 MEDIUM |
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file. | |||||
CVE-2010-3833 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 5.0 MEDIUM | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT." | |||||
CVE-2010-3836 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers. |