Search Results (2871 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0478 1 Mozilla 1 Mozilla 2025-04-03 N/A
Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demonstrated using an embedded ctrl-U.
CVE-2004-0918 6 Gentoo, Openpkg, Redhat and 3 more 7 Linux, Openpkg, Enterprise Linux and 4 more 2025-04-03 N/A
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
CVE-2006-4333 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-03 N/A
The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.
CVE-2005-3857 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.
CVE-2006-4535 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to backporting of the CVE-2006-3745 patch.
CVE-2006-4774 1 Cisco 1 Ios 2025-04-03 N/A
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2.
CVE-2005-4348 2 Fetchmail, Redhat 2 Fetchmail, Enterprise Linux 2025-04-03 N/A
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.
CVE-2006-0622 1 Qnx 1 Rtos 2025-04-03 N/A
QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of service (hang) by supplying a "break *0xb032d59f" command to gdb.
CVE-2006-3127 1 Sun 2 Java Enterprise System, Java System Directory Server 2025-04-03 N/A
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
CVE-2005-1126 1 Freebsd 1 Freebsd 2025-04-03 N/A
The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory.
CVE-2006-2934 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.
CVE-2023-0572 1 Froxlor 1 Froxlor 2025-03-28 5.3 Medium
Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.
CVE-2024-27659 1 Dlink 3 Dir-823 Firmware, Dir-823g, Dir-823g Firmware 2025-03-17 6.5 Medium
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-27661 1 Dlink 3 Dir-823 Firmware, Dir-823g, Dir-823g Firmware 2025-03-17 6.5 Medium
D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2023-25948 1 Honeywell 4 Direct Station, Engineering Station, Experion Server and 1 more 2025-03-05 7.5 High
Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning.
CVE-2024-12797 1 Redhat 5 Discovery, Enterprise Linux, Logging and 2 more 2025-02-18 6.3 Medium
Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys may be vulnerable to man-in-middle attacks when server authentication failure is not detected by clients. RPKs are disabled by default in both TLS clients and TLS servers. The issue only arises when TLS clients explicitly enable RPK use by the server, and the server, likewise, enables sending of an RPK instead of an X.509 certificate chain. The affected clients are those that then rely on the handshake to fail when the server's RPK fails to match one of the expected public keys, by setting the verification mode to SSL_VERIFY_PEER. Clients that enable server-side raw public keys can still find out that raw public key verification failed by calling SSL_get_verify_result(), and those that do, and take appropriate action, are not affected. This issue was introduced in the initial implementation of RPK support in OpenSSL 3.2. The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
CVE-2023-28975 1 Juniper 1 Junos 2025-02-05 4.6 Medium
An Unexpected Status Code or Return Value vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated attacker with physical access to the device to cause a Denial of Service (DoS). When certain USB devices are connected to a USB port of the routing-engine (RE), the kernel will crash leading to a reboot of the device. The device will continue to crash as long as the USB device is connected. This issue affects Juniper Networks Junos OS: All versions prior to 19.4R3-S10; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2, 22.2R3; 22.3 versions prior to 22.3R1-S1, 22.3R2; 22.4 versions prior to 22.4R2.
CVE-2022-42878 1 Intel 2 Oneapi Hpc Toolkit, Trace Analyzer And Collector 2025-01-27 2.8 Low
Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-29508 1 Intel 1 Virtual Raid On Cpu 2025-01-27 6.3 Medium
Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-1713 1 Plv8 1 Plv8 2025-01-23 7.2 High
A user who can create objects in a database with plv8 3.2.1 installed is able to cause deferred triggers to execute as the Superuser during autovacuum.