Total
2554 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-3121 | 1 High Availability Linux Project | 1 Heartbeat | 2023-12-10 | 5.0 MEDIUM | N/A |
The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message. | |||||
CVE-2006-0053 | 1 Tony Cook | 1 Imager | 2023-12-10 | 2.6 LOW | N/A |
Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (segmentation fault) by writing a 2- or 4-channel JPEG image (or a 2-channel TGA image) to a scalar, which triggers a NULL pointer dereference. | |||||
CVE-2005-0756 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash). | |||||
CVE-2005-0803 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 5.0 MEDIUM | N/A |
The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability." | |||||
CVE-2005-2548 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd. | |||||
CVE-2006-1790 | 1 Mozilla | 1 Firefox | 2023-12-10 | 10.0 HIGH | N/A |
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption. | |||||
CVE-2005-3784 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | N/A |
The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges. | |||||
CVE-2005-3644 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2023-12-10 | 7.8 HIGH | N/A |
PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120. | |||||
CVE-2005-1928 | 1 Trend Micro | 1 Serverprotect Earthagent | 2023-12-10 | 7.8 HIGH | N/A |
Trend Micro ServerProtect EarthAgent for Windows Management Console 5.58 and possibly earlier versions, when running with Trend Micro Control Manager 2.5 and 3.0, and Damage Cleanup Server 1.1, allows remote attackers to cause a denial of service (CPU consumption) via a flood of crafted packets with a certain "magic value" to port 5005, which also leads to a memory leak. | |||||
CVE-2005-1126 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 2.1 LOW | N/A |
The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory. | |||||
CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | |||||
CVE-2006-1992 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 2.6 LOW | N/A |
mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but Microsoft has stated that this issue is non-exploitable. | |||||
CVE-2005-3857 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | N/A |
The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function. | |||||
CVE-2006-1993 | 1 Mozilla | 1 Firefox | 2023-12-10 | 5.1 MEDIUM | N/A |
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim. | |||||
CVE-2006-3127 | 1 Sun | 2 Java Enterprise System, Java System Directory Server | 2023-12-10 | 7.8 HIGH | N/A |
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations. | |||||
CVE-2006-0354 | 1 Cisco | 8 Aironet Ap1100, Aironet Ap1130ag, Aironet Ap1200 and 5 more | 2023-12-10 | 5.5 MEDIUM | N/A |
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644. | |||||
CVE-2005-3294 | 1 Typsoft | 1 Typsoft Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote attackers to cause a denial of service (crash) by sending multiple RETR commands. NOTE: it was later reported that 1.10 is also affected. | |||||
CVE-2003-1342 | 2 Microsoft, Trend Micro | 2 Internet Information Server, Virus Control System | 2023-12-10 | 5.0 MEDIUM | N/A |
Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. | |||||
CVE-2004-1848 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ws Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file. | |||||
CVE-2002-2241 | 1 Deerfield | 1 Visnetic Website | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in httpd32.exe in Deerfield VisNetic WebSite before 3.5.15 allows remote attackers to cause a denial of service (crash) via a long HTTP OPTIONS request. |