Total
2334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8367 | 1 Schneider-electric | 16 Magelis Gto Advanced Optimum Panel, Magelis Gto Advanced Optimum Panel Firmware, Magelis Gtu Universal Panel and 13 more | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker can open multiple connections to a targeted web server and keep connections open preventing new connections from being made, rendering the web server unavailable during an attack. | |||||
| CVE-2017-3885 | 1 Cisco | 1 Secure Firewall Management Center | 2025-04-20 | 7.1 HIGH | 5.9 MEDIUM |
| A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. Affected Products: This vulnerability affects Cisco Firepower System Software running software releases 6.0.0, 6.1.0, 6.2.0, or 6.2.1 when the device is configured with an SSL policy that has at least one rule specifying traffic decryption. More Information: CSCvc58563. Known Affected Releases: 6.0.0 6.1.0 6.2.0 6.2.1. | |||||
| CVE-2017-10799 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | |||||
| CVE-2017-12318 | 1 Cisco | 2 Rf Gateway 1, Rf Gateway 1 Firmware | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due to a processing error with TCP connections to the affected device. An attacker could exploit this vulnerability by establishing a large number of TCP connections to an affected device and not actively closing those TCP connections. A successful exploit could allow the attacker to prevent the affected device from delivering SDV or VoD streams to set-top boxes. Cisco Bug IDs: CSCvf19887. | |||||
| CVE-2017-5544 | 1 Fiberhome | 6 Fengine 28f-s, Fengine 52f-s, Fengine 52t-s and 3 more | 2025-04-20 | 7.1 HIGH | 5.9 MEDIUM |
| An issue was discovered on FiberHome Fengine S5800 switches V210R240. An unauthorized attacker can access the device's SSH service, using a password cracking tool to establish SSH connections quickly. This will trigger an increase in the SSH login timeout (each of the login attempts will occupy a connection slot for a longer time). Once this occurs, legitimate login attempts via SSH/telnet will be refused, resulting in a denial of service; you must restart the device. | |||||
| CVE-2014-9842 | 4 Canonical, Imagemagick, Opensuse and 1 more | 9 Ubuntu Linux, Imagemagick, Opensuse and 6 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | |||||
| CVE-2016-7428 | 1 Ntp | 1 Ntp | 2025-04-20 | 3.3 LOW | 4.3 MEDIUM |
| ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet. | |||||
| CVE-2017-7940 | 1 Entropymine | 1 Imageworsener | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file. | |||||
| CVE-2014-3651 | 1 Keycloak | 1 Keycloak | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| JBoss KeyCloak before 1.0.3.Final allows remote attackers to cause a denial of service (resource consumption) via a large value in the size parameter to auth/qrcode, related to QR code generation. | |||||
| CVE-2017-15298 | 2 Canonical, Git-scm | 2 Ubuntu Linux, Git | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk. | |||||
| CVE-2017-2461 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted text message. | |||||
| CVE-2017-2327 | 1 Juniper | 1 Northstar Controller | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services. | |||||
| CVE-2017-15595 | 1 Xen | 1 Xen | 2025-04-20 | 7.2 HIGH | 8.8 HIGH |
| An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking. | |||||
| CVE-2017-6019 | 1 Schneider-electric | 2 Conext Combox 865-1058, Conext Combox 865-1058 Firmware | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot. | |||||
| CVE-2017-14158 | 1 Scrapy | 1 Scrapy | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by interaction between dataReceived (in core/downloader/handlers/http11.py) and S3FilesStore. | |||||
| CVE-2017-9129 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (large loop) via a crafted wav file. | |||||
| CVE-2017-2535 | 1 Apple | 1 Mac Os X | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Security" component. It allows attackers to conduct sandbox-escape attacks or cause a denial of service (resource consumption) via a crafted app. | |||||
| CVE-2017-6444 | 1 Mikrotik | 2 Router Hap Lite, Routeros | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 100% and the router requires a reboot for normal operation. | |||||
| CVE-2017-9259 | 1 Surina | 1 Soundtouch | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav file. | |||||
| CVE-2017-7935 | 1 Phoenix Contact Gmbh | 2 Mguard, Mguard Firmware | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may compromise the device's availability by performing multiple initial VPN requests. | |||||