| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. |
| In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but does not contain sufficient backing data, is provided, the for loop would consume huge CPU and memory resources, since there is no EOF check inside the loop. |
| Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attackers to cause a memory leak or denial of service (memory exhaustion, reboot and MPU switchover) via a crafted website. |
| Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file. |
| The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. |
| Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR. |
| The "process-execute" and "process-spawn" procedures did not free memory correctly when the execve() call failed, resulting in a memory leak. This could be abused by an attacker to cause resource exhaustion or a denial of service. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released). |
| The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet. |
| ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet. |
| Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. |
| Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory. |
| The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and a large number of +) (plus close parenthesis). |
| kittoframework kitto version 0.5.1 is vulnerable to memory exhaustion in the router resulting in DoS |
| Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS. |
| Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. This vulnerability in the Sun/MS-RPC ALG services component of Junos OS allows an attacker to cause a repeated denial of service against the target. Repeated traffic in a cluster may cause repeated flip-flop failure operations or full failure to the flowd daemon halting traffic on all nodes. Only IPv6 traffic is affected by this issue. IPv4 traffic is unaffected. This issues is not seen with to-host traffic. This issue has no relation with HA services themselves, only the ALG service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D55 on SRX; 12.1X47 prior to 12.1X47-D45 on SRX; 12.3X48 prior to 12.3X48-D32, 12.3X48-D35 on SRX; 15.1X49 prior to 15.1X49-D60 on SRX. |
| A vulnerability in telnetd service on Junos OS allows a remote attacker to cause a limited memory and/or CPU consumption denial of service attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D45; 12.3X48 prior to 12.3X48-D30; 14.1 prior to 14.1R4-S9, 14.1R8; 14.2 prior to 14.2R6; 15.1 prior to 15.1F5, 15.1R3; 15.1X49 prior to 15.1X49-D40; 15.1X53 prior to 15.1X53-D232, 15.1X53-D47. |
| A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior to 12.1X46-D71; 12.3X48 prior to 12.3X48-D50; 14.1 prior to 14.1R8-S5, 14.1R9; 14.1X53 prior to 14.1X53-D50; 14.2 prior to 14.2R7-S9, 14.2R8; 15.1 prior to 15.1F2-S16, 15.1F5-S7, 15.1F6-S6, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D90; 15.1X53 prior to 15.1X53-D47; 16.1 prior to 16.1R4-S1, 16.1R5; 16.2 prior to 16.2R1-S3, 16.2R2; |
| When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). |
| The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service. |
| coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. |
