Filtered by vendor
Subscriptions
Total
232 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-9194 | 1 Arbiter | 1 1094b Gps Substation Clock | 2025-07-29 | N/A |
Arbiter 1094B GPS Substation Clock allows remote attackers to cause a denial of service (disruption) via crafted radio transmissions that spoof GPS satellite broadcasts. | ||||
CVE-2019-0941 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2025-05-20 | 4.4 Medium |
A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. To exploit this vulnerability, an attacker could send a specially crafted request to a page utilizing request filtering. The update addresses the vulnerability by changing the way certain requests are processed by the filter. | ||||
CVE-2016-1000340 | 2 Bouncycastle, Redhat | 4 Bc-java, Jboss Fuse, Satellite and 1 more | 2025-05-12 | N/A |
In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers. | ||||
CVE-2018-6332 | 1 Facebook | 1 Hhvm | 2025-05-06 | 5.9 Medium |
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM (3.24.3 and 3.21.7 and below) when using the proxygen server to handle HTTP2 requests. | ||||
CVE-2016-9252 | 1 F5 | 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more | 2025-04-20 | N/A |
The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors. | ||||
CVE-2015-8985 | 1 Gnu | 1 Glibc | 2025-04-20 | 5.9 Medium |
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. | ||||
CVE-2016-6765 | 1 Google | 1 Android | 2025-04-20 | N/A |
A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 7.0. Android ID: A-31449945. | ||||
CVE-2016-5225 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-20 | N/A |
Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled form actions, which allowed a remote attacker to bypass Content Security Policy via a crafted HTML page. | ||||
CVE-2016-9650 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-20 | N/A |
Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled iframes, which allowed a remote attacker to bypass a no-referrer policy via a crafted HTML page. | ||||
CVE-2016-4925 | 1 Juniper | 1 Junose | 2025-04-20 | N/A |
Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. | ||||
CVE-2016-3091 | 1 Cloud Foundry | 1 Diego | 2025-04-20 | N/A |
Cloud Foundry Diego 0.1468.0 through 0.1470.0 allows remote attackers to cause a denial of service. | ||||
CVE-2016-0761 | 2 Cloudfoundry, Pivotal Software | 2 Garden Linux, Cloud Foundry Elastic Runtime | 2025-04-20 | 9.8 Critical |
Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems on the host. | ||||
CVE-2015-1838 | 2 Fedoraproject, Saltstack | 2 Fedora, Salt | 2025-04-20 | N/A |
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. | ||||
CVE-2016-9305 | 1 Autodesk | 1 Fbx Software Development Kit | 2025-04-20 | N/A |
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers. | ||||
CVE-2016-5214 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-20 | N/A |
Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded files, which allowed a remote attacker to prevent the downloaded file from receiving the Mark of the Web via a crafted HTML page. | ||||
CVE-2016-6286 | 1 Call-cc | 1 Http-client | 2025-04-20 | N/A |
The "spiffy-cgi-handlers" egg would convert a nonexistent "Proxy" header to the HTTP_PROXY environment variable, which would allow attackers to direct CGI programs which use this environment variable to use an attacker-specified HTTP proxy server (also known as a "httpoxy" attack). This affects all versions of spiffy-cgi-handlers before 0.5. | ||||
CVE-2016-6287 | 1 Call-cc | 1 Http-client | 2025-04-20 | N/A |
The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even when running as a CGI process. Under several web servers this would mean a user-supplied "Proxy" header could allow an attacker to direct all HTTP requests through a proxy (also known as a "httpoxy" attack). This affects all versions of http-client before 0.10. | ||||
CVE-2016-2783 | 1 Avaya | 1 Vsp Operating System Software | 2025-04-20 | N/A |
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) before 4.2.3.0 and 5.x before 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote attackers to obtain unauthorized access via crafted Ethernet frames. | ||||
CVE-2012-5358 | 1 Ektron | 1 Ektron Content Management System | 2025-04-20 | N/A |
The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary files and consequently bypass authentication, modify viewstate, cause a denial of service, or possibly have unspecified other impact via crafted XSL data. | ||||
CVE-2016-7540 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | N/A |
coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format. |