Search Results (6909 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3635 1 Linux 1 Linux Kernel 2025-04-20 N/A
The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of invalid Register Stack Engine (RSE) state.
CVE-2017-6552 1 Sagemcom 2 Livebox, Livebox Firmware 2025-04-20 N/A
Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. An attacker can exploit this issue to render the affected system unresponsive, resulting in a denial-of-service condition for telephone, Internet, and TV services.
CVE-2016-8367 1 Schneider-electric 16 Magelis Gto Advanced Optimum Panel, Magelis Gto Advanced Optimum Panel Firmware, Magelis Gtu Universal Panel and 13 more 2025-04-20 5.3 Medium
An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker can open multiple connections to a targeted web server and keep connections open preventing new connections from being made, rendering the web server unavailable during an attack.
CVE-2017-15701 1 Apache 1 Qpid Broker-j 2025-04-20 7.5 High
In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected.
CVE-2017-6161 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Application Acceleration Manager and 8 more 2025-04-20 N/A
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.
CVE-2017-6043 1 Trihedral 1 Vtscada 2025-04-20 N/A
A Resource Consumption issue was discovered in Trihedral VTScada Versions prior to 11.2.26. The client does not properly validate the input or limit the amount of resources that are utilized by an attacker, which can be used to consume more resources than are available.
CVE-2017-14028 1 Moxa 6 Nport 5110, Nport 5110 Firmware, Nport 5130 and 3 more 2025-04-20 N/A
A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exhaust memory resources by sending a large amount of TCP SYN packets.
CVE-2015-2312 1 Capnproto 1 Capnproto 2025-04-20 N/A
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements.
CVE-2014-3651 1 Keycloak 1 Keycloak 2025-04-20 N/A
JBoss KeyCloak before 1.0.3.Final allows remote attackers to cause a denial of service (resource consumption) via a large value in the size parameter to auth/qrcode, related to QR code generation.
CVE-2014-7813 1 Redhat 1 Cloudforms 3.0 Management Engine 2025-04-20 N/A
Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack of garbage collection of inserted symbols.
CVE-2017-14360 1 Hp 1 Content Manager 2025-04-20 N/A
A potential security vulnerability has been identified in HPE Content Manager Workgroup Service v9.00. The vulnerability could be remotely exploited to allow Denial of Service (DoS).
CVE-2017-5857 1 Qemu 1 Qemu 2025-04-20 6.5 Medium
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.
CVE-2017-14086 1 Trendmicro 1 Officescan 2025-04-20 N/A
Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to be consumed with dump files from continuous HTTP requests.
CVE-2017-5650 1 Apache 1 Tomcat 2025-04-20 N/A
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. These waiting streams each consumed a thread. A malicious client could therefore construct a series of HTTP/2 requests that would consume all available processing threads.
CVE-2017-5525 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 6.5 Medium
Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-14531 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2025-04-20 N/A
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
CVE-2017-14223 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2025-04-20 N/A
In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but does not contain sufficient backing data, is provided, the for loop would consume huge CPU and memory resources, since there is no EOF check inside the loop.
CVE-2015-5695 1 Openstack 1 Designate 2025-04-20 N/A
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.
CVE-2017-2333 1 Juniper 1 Northstar Controller 2025-04-20 N/A
A persistent denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network-based, authenticated attacker to consume enough system resources to cause a persistent denial of service by visiting certain specific URLs on the server.
CVE-2017-6017 1 Schneider-electric 30 Bmxnoc0401, Bmxnoc0401 Firmware, Bmxnoe0100 and 27 more 2025-04-20 N/A
A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover.