Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-399
Total 2596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-1421 1 Suckbot 1 Suckbot 2017-07-28 4.3 MEDIUM N/A
Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.
CVE-2003-1494 1 Hp 1 Openview Network Node Manager 2017-07-28 5.0 MEDIUM N/A
Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet.
CVE-2016-6466 1 Cisco 2 Asr 5000 Series Software, Virtualized Packet Core 2017-07-27 5.0 MEDIUM 7.5 HIGH
A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147.
CVE-2016-9372 1 Wireshark 1 Wireshark 2017-07-27 4.3 MEDIUM 5.9 MEDIUM
In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects.
CVE-2016-9375 2 Debian, Wireshark 2 Debian Linux, Wireshark 2017-07-27 4.3 MEDIUM 5.9 MEDIUM
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.
CVE-2016-9374 2 Debian, Wireshark 2 Debian Linux, Wireshark 2017-07-27 4.3 MEDIUM 5.9 MEDIUM
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable.
CVE-2016-9312 2 Microsoft, Ntp 2 Windows, Ntp 2017-07-27 5.0 MEDIUM 7.5 HIGH
ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet.
CVE-2016-9376 2 Debian, Wireshark 2 Debian Linux, Wireshark 2017-07-27 4.3 MEDIUM 5.9 MEDIUM
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large.
CVE-2016-7539 1 Imagemagick 1 Imagemagick 2017-07-27 7.8 HIGH 7.5 HIGH
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2006-4517 1 Novell 1 Imanager 2017-07-19 7.8 HIGH N/A
Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference.
CVE-2006-5568 1 Datawizard 1 Ftpxq 2017-07-19 5.0 MEDIUM N/A
FtpXQ Server 3.0.1 allows remote attackers to cause a denial of service (CPU exhaustion) via a long MKD command.
CVE-2006-5424 1 Justsystem 1 Ichitaro 2017-07-19 5.1 MEDIUM N/A
Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326.
CVE-2006-3121 1 High Availability Linux Project 1 Heartbeat 2017-07-19 5.0 MEDIUM N/A
The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message.
CVE-2006-1991 1 Php 1 Php 2017-07-19 6.4 MEDIUM N/A
The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument.
CVE-2006-2069 1 Powerdns 1 Powerdns 2017-07-19 5.0 MEDIUM N/A
The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (application crash) via malformed EDNS0 packets.
CVE-2006-1338 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2017-07-19 5.0 MEDIUM N/A
Webmail in MailEnable Professional Edition before 1.73 and Enterprise Edition before 1.21 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors involving "incorrectly encoded quoted-printable emails".
CVE-2006-1275 1 Ggz Gaming Zone 1 Ggz Gaming Zone 2017-07-19 5.0 MEDIUM N/A
GGZ Gaming Zone 0.0.12 allows remote attackers to cause a denial of service (client disconnect) via inputs that produce malformed XML, including (1) trailing ' (apostrophe) character on the ID attribute in a PLAYER XML tag, (2) joining with a long ID attribute or non-trailing ' characters, which causes a <none> name to be assigned, and then disconnecting, or (3) a long CDATA message attribute, which prevents closing tags from being added to the string.
CVE-2006-1470 1 Apple 2 Mac Os X, Mac Os X Server 2017-07-19 5.0 MEDIUM N/A
OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error.
CVE-2006-0883 2 Freebsd, Openbsd 2 Freebsd, Openssh 2017-07-19 5.0 MEDIUM N/A
OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
CVE-2006-0342 1 Rockliffe 1 Mailsite 2017-07-19 7.8 HIGH N/A
RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a denial of service (CPU consumption and crash) via a malformed query string containing special characters such as "|".