Total
2551 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6363 | 1 Microsoft | 2 Internet Explorer, Vbscript | 2025-04-12 | 9.3 HIGH | N/A |
| vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability." | |||||
| CVE-2015-0776 | 1 Cisco | 2 Ios Xr, Network Convergence System 6008 | 2025-04-12 | 5.0 MEDIUM | N/A |
| telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (device reload) via a malformed TELNET packet, aka Bug ID CSCuq31566. | |||||
| CVE-2014-3368 | 1 Cisco | 2 Expressway Software, Telepresence Video Communication Server Software | 2025-04-12 | 7.8 HIGH | N/A |
| Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote attackers to cause a denial of service (device reload) via a high rate of crafted packets, aka Bug ID CSCui06507. | |||||
| CVE-2015-6733 | 1 Mediawiki | 1 Mediawiki | 2025-04-12 | 5.0 MEDIUM | N/A |
| GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors. | |||||
| CVE-2015-0027 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0035, CVE-2015-0039, CVE-2015-0052, and CVE-2015-0068. | |||||
| CVE-2015-6273 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2025-04-12 | 7.8 HIGH | N/A |
| Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via crafted IP packets, aka Bug IDs CSCtf87624, CSCte93229, CSCtd19103, and CSCti63623. | |||||
| CVE-2014-5149 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2025-04-12 | 4.7 MEDIUM | N/A |
| Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5146. | |||||
| CVE-2016-1349 | 7 Cisco, Intel, Netgear and 4 more | 7 Ios Xe, Core I5-9400f Firmware, Jr6150 Firmware and 4 more | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410. | |||||
| CVE-2015-6297 | 1 Cisco | 7 Asr 9001, Asr 9006, Asr 9010 and 4 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525. | |||||
| CVE-2016-6595 | 1 Docker | 1 Docker | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At some point the manager obviously stops being able to accept new nodes, since it runs out of memory. Given that both for Docker swarm and for Docker Swarmkit nodes are *required* to provide a secret token (it's actually the only mode of operation), this means that no adversary can simply join nodes and exhaust manager resources. We can't do anything about a manager running out of memory and not being able to add new legitimate nodes to the system. This is merely a resource provisioning issue, and definitely not a CVE worthy vulnerability. | |||||
| CVE-2014-4462 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | 5.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452. | |||||
| CVE-2016-6881 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file. | |||||
| CVE-2016-3754 | 1 Google | 1 Android | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not limit process-memory usage, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28615448. | |||||
| CVE-2016-2208 | 1 Symantec | 1 Anti-virus Engine | 2025-04-12 | 9.4 HIGH | 9.1 CRITICAL |
| The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation and system crash) via a malformed PE header file. | |||||
| CVE-2015-1082 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | |||||
| CVE-2014-9620 | 1 File Project | 1 File | 2025-04-12 | 5.0 MEDIUM | N/A |
| The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. | |||||
| CVE-2016-6424 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 6.1 MEDIUM | 6.5 MEDIUM |
| The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942. | |||||
| CVE-2014-3688 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 5.0 MEDIUM | N/A |
| The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c. | |||||
| CVE-2016-2179 | 2 Openssl, Oracle | 2 Openssl, Linux | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. | |||||
| CVE-2015-0099 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | |||||