Search Results (2714 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-7400 1 Ibm 1 Mashups Center 2025-04-12 N/A
The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2015-2757 1 Mcafee 1 Data Loss Prevention Endpoint 2025-04-12 N/A
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to cause a denial of service (database lock or license corruption) via unspecified vectors.
CVE-2015-2936 1 Mediawiki 1 Mediawiki 2025-04-12 N/A
MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password.
CVE-2015-2937 1 Mediawiki 1 Mediawiki 2025-04-12 N/A
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM or Zend PHP, allows remote attackers to cause a denial of service ("quadratic blowup" and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, a different vulnerability than CVE-2015-2942.
CVE-2014-6060 2 Dhcpcd Project, Google 2 Dhcpcd, Android 2025-04-12 N/A
The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again.
CVE-2015-3280 2 Openstack, Redhat 2 Nova, Openstack 2025-04-12 N/A
OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.
CVE-2015-3813 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-12 N/A
The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet.
CVE-2015-4024 5 Apple, Hp, Oracle and 2 more 13 Mac Os X, System Management Homepage, Linux and 10 more 2025-04-12 N/A
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
CVE-2015-4191 1 Cisco 1 Ios Xr 2025-04-12 N/A
Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565.
CVE-2015-4204 1 Cisco 2 Cisco Ios, Ubr10000 Cable Modem Termination System 2025-04-12 N/A
Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) module on uBR10000 devices allows remote authenticated users to cause a denial of service (memory consumption or PXF process crash) by sending docsIfMCmtsMib SNMP requests quickly, aka Bug ID CSCue65051.
CVE-2014-5471 2 Linux, Redhat 6 Linux Kernel, Enterprise Linux, Enterprise Mrg and 3 more 2025-04-12 N/A
Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry.
CVE-2014-4807 1 Ibm 1 Sterling Selling And Fulfillment Foundation 2025-04-12 N/A
Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character.
CVE-2015-5145 1 Djangoproject 1 Django 2025-04-12 N/A
validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
CVE-2015-5362 1 Juniper 1 Junos 2025-04-12 N/A
The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.1X50 before 14.1X50-D85, 14.1X55 before 14.1X55-D20, 14.2 before 14.2R3, 15.1 before 15.1R1, and 15.1X49 before 15.1X49-D10 allows remote attackers to cause a denial of service (bfdd crash and restart) or execute arbitrary code via a crafted BFD packet.
CVE-2015-5366 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Enterprise Linux Server Aus and 4 more 2025-04-12 N/A
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364.
CVE-2014-6432 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-12 N/A
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2012-2134 2 Martin Nagy, Redhat 2 Bind-dyndb-ldap, Enterprise Linux 2025-04-12 N/A
The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infinite loop and named server hang) via a non-alphabet character in the base DN in an LDAP search DNS query.
CVE-2014-1743 1 Google 1 Chrome 2025-04-12 N/A
Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers tree mutation.
CVE-2014-1763 1 Microsoft 1 Internet Explorer 2025-04-12 N/A
Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
CVE-2014-4814 1 Ibm 1 Websphere Portal 2025-04-12 N/A
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 does not properly detect recursion during entity expansion, which allows remote authenticated users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.