Total
2554 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-0035 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | N/A |
The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0. | |||||
CVE-2006-3840 | 1 Iss | 10 Blackice Pc Protection, Blackice Server Protection, Proventia A Series Xpu and 7 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode. | |||||
CVE-2006-1593 | 2 X-doom, Zdaemon | 2 X-doom, Zdaemon | 2023-12-10 | 5.0 MEDIUM | N/A |
The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ZD_LoadNewClientLevel functions in sv_main.cpp for (a) Zdaemon 1.08.01 and (b) X-Doom allows remote attackers to cause a denial of service (crash) via an invalid player slot or item number, which causes an invalid memory access, possibly due to an invalid array index. | |||||
CVE-2006-3122 | 1 Isc | 1 Dhcpd | 2023-12-10 | 5.0 MEDIUM | N/A |
The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid." | |||||
CVE-2005-3109 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus. | |||||
CVE-2005-2087 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem. | |||||
CVE-2005-2919 | 1 Clam Anti-virus | 1 Clamav | 2023-12-10 | 5.0 MEDIUM | N/A |
libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. | |||||
CVE-2005-4857 | 1 Ez | 1 Ez Publish | 2023-12-10 | 4.0 MEDIUM | N/A |
eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error". | |||||
CVE-2005-4348 | 1 Fetchmail | 1 Fetchmail | 2023-12-10 | 7.8 HIGH | N/A |
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers. | |||||
CVE-2006-1991 | 1 Php | 1 Php | 2023-12-10 | 6.4 MEDIUM | N/A |
The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument. | |||||
CVE-2005-3714 | 1 Apple | 2 Airport Express, Airport Extreme | 2023-12-10 | 5.0 MEDIUM | N/A |
The network interface for Apple AirPort Express 6.x before Firmware Update 6.3, and AirPort Extreme 5.x before Firmware Update 5.7, allows remote attackers to cause a denial of service (unresponsive interface) via malformed packets. | |||||
CVE-2006-1470 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. | |||||
CVE-2006-1173 | 1 Sendmail | 1 Sendmail | 2023-12-10 | 5.0 MEDIUM | N/A |
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files. | |||||
CVE-2005-3357 | 1 Apache | 1 Http Server | 2023-12-10 | 5.4 MEDIUM | N/A |
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference. | |||||
CVE-2006-0342 | 1 Rockliffe | 1 Mailsite | 2023-12-10 | 7.8 HIGH | N/A |
RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a denial of service (CPU consumption and crash) via a malformed query string containing special characters such as "|". | |||||
CVE-2006-2934 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer. | |||||
CVE-2005-1790 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 2.6 LOW | N/A |
Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched Document Object Model Objects Memory Corruption Vulnerability." | |||||
CVE-2005-2708 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process using the bash ulimit -v command. | |||||
CVE-2005-1021 | 1 Cisco | 1 Ios | 2023-12-10 | 7.1 HIGH | N/A |
Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password. | |||||
CVE-2006-0622 | 1 Qnx | 1 Rtos | 2023-12-10 | 4.9 MEDIUM | N/A |
QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of service (hang) by supplying a "break *0xb032d59f" command to gdb. |