Total
2596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5619 | 1 Linux | 1 Linux Kernel | 2018-10-17 | 2.1 LOW | N/A |
| The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. | |||||
| CVE-2006-4924 | 1 Openbsd | 1 Openssh | 2018-10-17 | 7.8 HIGH | N/A |
| sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector. | |||||
| CVE-2006-4855 | 1 Symantec | 7 Client Security, Host Ids, Norton Antivirus and 4 more | 2018-10-17 | 4.9 MEDIUM | N/A |
| The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. | |||||
| CVE-2006-4775 | 1 Cisco | 2 Catos, Ios | 2018-10-17 | 7.8 HIGH | N/A |
| The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. | |||||
| CVE-2006-4774 | 1 Cisco | 1 Ios | 2018-10-17 | 7.8 HIGH | N/A |
| The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. | |||||
| CVE-2006-4333 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 5.4 MEDIUM | N/A |
| The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory. | |||||
| CVE-2006-4257 | 1 Ibm | 1 Db2 | 2018-10-17 | 4.0 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote authenticated users to cause a denial of service (crash) by (1) sending the first ACCSEC command without an RDBNAM parameter during the CONNECT process, or (2) sending crafted SQLJRA packet, which results in a null dereference. | |||||
| CVE-2006-4145 | 1 Linux | 1 Linux Kernel | 2018-10-17 | 4.9 MEDIUM | N/A |
| The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command. | |||||
| CVE-2006-3840 | 1 Iss | 10 Blackice Pc Protection, Blackice Server Protection, Proventia A Series Xpu and 7 more | 2018-10-17 | 5.0 MEDIUM | N/A |
| The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode. | |||||
| CVE-2011-2161 | 1 Ffmpeg | 1 Ffmpeg | 2018-10-17 | 4.3 MEDIUM | N/A |
| The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (application crash) via an APE (aka Monkey's Audio) file that contains a header but no frames. | |||||
| CVE-2007-3477 | 1 Libgd | 1 Gd Graphics Library | 2018-10-16 | 5.0 MEDIUM | N/A |
| The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value. | |||||
| CVE-2007-3274 | 2 Apple, Microsoft | 2 Safari, Windows Xp | 2018-10-16 | 4.3 MEDIUM | N/A |
| Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause a denial of service (application crash) via JavaScript that sets the document.location variable, as demonstrated by an empty value of document.location. | |||||
| CVE-2007-3115 | 1 Maradns | 1 Maradns | 2018-10-16 | 7.8 HIGH | N/A |
| Multiple memory leaks in server/MaraDNS.c in MaraDNS before 1.2.12.06, and 1.3.x before 1.3.05, allow remote attackers to cause a denial of service (memory consumption) via (1) reverse lookups or (2) requests for records in a class other than Internet (IN), a different set of affected versions than CVE-2007-3114 and CVE-2007-3116. | |||||
| CVE-2007-2276 | 1 3com | 1 Tippingpoint Ips | 2018-10-16 | 7.8 HIGH | N/A |
| ** DISPUTED ** 3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood of packets on TCP port 80 with sequentially increasing source ports, related to a "badly written loop." NOTE: the vendor disputes this issue, stating that the product has "performed as expected with no DoS emerging." | |||||
| CVE-2007-2120 | 1 Oracle | 1 Application Server | 2018-10-16 | 7.8 HIGH | N/A |
| The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to shut down an Oracle TNS Listener via a TNS STOP command in a request that uses the database/TNS alias, aka AS01. | |||||
| CVE-2007-1754 | 1 Microsoft | 1 Publisher | 2018-10-16 | 9.3 HIGH | N/A |
| PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability". | |||||
| CVE-2007-1861 | 1 Linux | 1 Linux Kernel | 2018-10-16 | 4.9 MEDIUM | N/A |
| The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow. | |||||
| CVE-2007-1747 | 1 Microsoft | 1 Office | 2018-10-16 | 9.3 HIGH | N/A |
| Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption. | |||||
| CVE-2007-1673 | 9 Amavis, Avast, Avira and 6 more | 13 Amavis, Avast Antivirus, Avast Antivirus Home and 10 more | 2018-10-16 | 7.8 HIGH | N/A |
| unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | |||||
| CVE-2007-1531 | 1 Microsoft | 2 Windows Vista, Windows Xp | 2018-10-16 | 5.0 MEDIUM | N/A |
| Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host. | |||||