Total
2334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5403 | 5 Canonical, Debian, Oracle and 2 more | 13 Ubuntu Linux, Debian Linux, Linux and 10 more | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion. | |||||
| CVE-2014-1500 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution. | |||||
| CVE-2014-7970 | 3 Canonical, Linux, Novell | 3 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Server | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call. | |||||
| CVE-2015-1779 | 6 Canonical, Debian, Fedoraproject and 3 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2025-04-12 | 7.8 HIGH | 8.6 HIGH |
| The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. | |||||
| CVE-2014-8124 | 4 Fedoraproject, Openstack, Opensuse and 1 more | 4 Fedora, Horizon, Opensuse and 1 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page. | |||||
| CVE-2014-3687 | 8 Canonical, Debian, Linux and 5 more | 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter. | |||||
| CVE-2014-3122 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-12 | 4.9 MEDIUM | N/A |
| The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings. | |||||
| CVE-2016-8666 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039. | |||||
| CVE-2014-3672 | 2 Redhat, Xen | 2 Libvirt, Xen | 2025-04-12 | 2.1 LOW | 6.5 MEDIUM |
| The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr. | |||||
| CVE-2016-6307 | 1 Openssl | 1 Openssl | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted TLS messages, related to statem/statem.c and statem/statem_lib.c. | |||||
| CVE-2016-1784 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site. | |||||
| CVE-2013-5567 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 5.4 MEDIUM | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606. | |||||
| CVE-2016-9685 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations. | |||||
| CVE-2014-3407 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 5.0 MEDIUM | N/A |
| The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888. | |||||
| CVE-2014-0118 | 3 Apache, Debian, Redhat | 4 Http Server, Debian Linux, Enterprise Linux and 1 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size. | |||||
| CVE-2014-7255 | 1 Iij | 8 Seil B1, Seil B1 Firmware, Seil X1 and 5 more | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 through 4.62, SEIL/X2 2.50 through 4.62, SEIL/B1 2.50 through 4.62, and SEIL/x86 Fuji 1.70 through 3.22 allow remote attackers to cause a denial of service (CPU and traffic consumption) via a large number of NTP requests within a short time, which causes unnecessary NTP responses to be sent. | |||||
| CVE-2016-4037 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2025-04-12 | 4.9 MEDIUM | 6.0 MEDIUM |
| The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558. | |||||
| CVE-2016-6213 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 4.7 MEDIUM | 4.7 MEDIUM |
| fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts. | |||||
| CVE-2016-0747 | 5 Apple, Canonical, Debian and 2 more | 5 Xcode, Ubuntu Linux, Debian Linux and 2 more | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | |||||
| CVE-2014-3690 | 7 Canonical, Debian, Linux and 4 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. | |||||