Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-400
Total 1255 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-9697 1 Huawei 6 Usg9520, Usg9520 Firmware, Usg9560 and 3 more 2017-11-08 7.8 HIGH 7.5 HIGH
Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attackers to cause a memory leak or denial of service (memory exhaustion, reboot and MPU switchover) via a crafted website.
CVE-2014-7813 1 Redhat 1 Cloudforms 3.0 Management Engine 2017-11-07 4.0 MEDIUM 6.5 MEDIUM
Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack of garbage collection of inserted symbols.
CVE-2017-15596 1 Xen 1 Xen 2017-11-03 4.9 MEDIUM 6.0 MEDIUM
An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error.
CVE-2017-10922 1 Xen 1 Xen 2017-11-03 5.0 MEDIUM 7.5 HIGH
The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
CVE-2015-7384 1 Nodejs 1 Node.js 2017-10-27 5.0 MEDIUM 7.5 HIGH
Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.
CVE-2017-1000373 1 Openbsd 1 Openbsd 2017-10-23 6.4 MEDIUM 6.5 MEDIUM
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions.
CVE-2017-15193 1 Wireshark 1 Wireshark 2017-10-17 7.8 HIGH 7.5 HIGH
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
CVE-2017-14616 1 Watchguard 1 Fireware 2017-10-04 7.8 HIGH 7.5 HIGH
An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible.
CVE-2013-7428 1 Mapsplugin 1 Googlemaps 2017-09-14 5.0 MEDIUM 7.5 HIGH
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to cause a denial of service via the url parameter to plugin_googlemap2_proxy.php.
CVE-2015-5695 1 Openstack 1 Designate 2017-09-12 4.0 MEDIUM 6.5 MEDIUM
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.
CVE-2017-14158 1 Scrapy 1 Scrapy 2017-09-07 7.8 HIGH 7.5 HIGH
Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by interaction between dataReceived (in core/downloader/handlers/http11.py) and S3FilesStore.
CVE-2017-12076 1 Synology 1 Diskstation Manager 2017-08-31 4.0 MEDIUM 4.9 MEDIUM
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack.
CVE-2017-12077 1 Synology 1 Router Manager 2017-08-31 4.0 MEDIUM 4.9 MEDIUM
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack.
CVE-2014-3328 1 Cisco 1 Unified Presence Server 2017-08-28 5.0 MEDIUM N/A
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.
CVE-2015-2313 1 Capnproto 1 Capnproto 2017-08-17 7.8 HIGH 7.5 HIGH
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption) via a crafted small message, which triggers a "tight" for loop. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-2312.
CVE-2015-2312 1 Capnproto 1 Capnproto 2017-08-17 7.8 HIGH 7.5 HIGH
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements.
CVE-2017-6019 1 Schneider-electric 2 Conext Combox 865-1058, Conext Combox 865-1058 Firmware 2017-08-15 7.8 HIGH 7.5 HIGH
An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot.
CVE-2017-9259 1 Surina 1 Soundtouch 2017-08-11 4.3 MEDIUM 5.5 MEDIUM
The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav file.
CVE-2017-11530 1 Imagemagick 1 Imagemagick 2017-07-28 7.1 HIGH 6.5 MEDIUM
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVE-2017-11527 1 Imagemagick 1 Imagemagick 2017-07-28 7.1 HIGH 6.5 MEDIUM
The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.