Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-399
Total 2596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3362 1 Cisco 4 Telepresence System Edge 75 Mxp, Telepresence System Edge 85 Mxp, Telepresence System Edge 95 Mxp and 1 more 2017-08-28 7.8 HIGH N/A
Memory leak in Cisco TelePresence System Edge MXP Series Software F9.3.3 and earlier allows remote attackers to cause a denial of service (management outage) via multiple TELNET connections, aka Bug ID CSCuo63677.
CVE-2014-2124 1 Cisco 2 Catalyst 6500, Ios 2017-08-28 7.1 HIGH N/A
Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T (aka Sup2T) on Catalyst 6500 devices, allows remote attackers to cause a denial of service (device crash) via crafted multicast packets, aka Bug ID CSCuf60783.
CVE-2014-3353 1 Cisco 1 Ios Xr 2017-08-28 7.1 HIGH N/A
Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.
CVE-2014-3347 1 Cisco 8 1801 Integrated Service Router, 1802 Integrated Service Router, 1803 Integrated Service Router and 5 more 2017-08-28 5.4 MEDIUM N/A
Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897.
CVE-2014-0560 3 Adobe, Apple, Microsoft 4 Acrobat, Acrobat Reader, Mac Os X and 1 more 2017-08-28 10.0 HIGH N/A
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
CVE-2014-3293 1 Cisco 2 Asr901, Ios 2017-08-28 5.0 MEDIUM N/A
Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sending many crafted IPv4 packets, aka Bug ID CSCuo29736.
CVE-2013-7298 1 Tntnet 1 Cxxtools 2017-08-28 5.0 MEDIUM N/A
query_params.cpp in cxxtools before 2.2.1 allows remote attackers to cause a denial of service (infinite recursion and crash) via an HTTP query that contains %% (double percent) characters.
CVE-2014-1699 1 Siemens 1 Simatic Wincc Open Architecture 2017-08-28 5.0 MEDIUM N/A
Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999.
CVE-2014-1446 1 Linux 1 Linux Kernel 2017-08-28 1.9 LOW N/A
The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call.
CVE-2014-1445 1 Linux 1 Linux Kernel 2017-08-28 2.1 LOW N/A
The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call.
CVE-2014-1444 1 Linux 1 Linux Kernel 2017-08-28 1.7 LOW N/A
The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call.
CVE-2014-0964 1 Ibm 1 Websphere Application Server 2017-08-28 7.1 HIGH N/A
IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.
CVE-2014-0963 1 Ibm 2 Security Access Manager For Web Appliance, Security Access Manager For Web Software 2017-08-28 7.1 HIGH N/A
The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.
CVE-2014-0949 1 Ibm 1 Websphere Portal 2017-08-28 5.0 MEDIUM N/A
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a crafted web request.
CVE-2014-3104 1 Ibm 1 Rational Clearcase 2017-08-28 5.0 MEDIUM N/A
IBM Rational ClearQuest 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
CVE-2014-3018 1 Ibm 4 Sas Connectivity Module, Sas Connectivity Module Firmware, Sas Raid Module and 1 more 2017-08-28 7.8 HIGH N/A
IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) before 1.3.3.006 allow remote attackers to cause a denial of service (reboot) via a flood of IP packets.
CVE-2014-0664 1 Cisco 1 Unity Connection 2017-08-28 6.8 MEDIUM N/A
The server in Cisco Unity Connection allows remote authenticated users to cause a denial of service (CPU consumption) via unspecified IMAP commands, aka Bug ID CSCul49976.
CVE-2013-0494 1 Ibm 1 Sterling B2b Integrator 2017-08-28 5.0 MEDIUM N/A
IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted HTTP (1) Range or (2) Request-Range header.
CVE-2013-4690 1 Juniper 4 Junos, Srx1400, Srx3400 and 1 more 2017-08-28 5.0 MEDIUM N/A
Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before 12.1R5-S3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on the SRX1400, SRX3400, and SRX3600 does not properly initialize memory locations used during padding of Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data, aka PR 829536, a related issue to CVE-2003-0001.
CVE-2013-0486 1 Ibm 1 Lotus Domino 2017-08-28 4.3 MEDIUM N/A
Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY.