ReportizFlow
Filtered by vendor
Subscriptions
Total
566 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-3596 | 2 Debian, Polipo Project | 2 Debian Linux, Polipo | 2024-11-21 | 7.5 High |
| Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request. | ||||
| CVE-2010-3411 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2024-11-21 | N/A |
| Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow attackers to cause a denial of service (assertion failure) via unspecified vectors. | ||||
| CVE-2010-2248 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2024-11-21 | N/A |
| fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions. | ||||
| CVE-2010-0628 | 1 Mit | 1 Kerberos 5 | 2024-11-21 | N/A |
| The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token. | ||||
| CVE-2010-0283 | 1 Mit | 2 Kerberos, Kerberos 5 | 2024-11-21 | N/A |
| The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request. | ||||
| CVE-2009-4027 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2024-11-21 | N/A |
| Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session. | ||||
| CVE-2009-4026 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch." | ||||
| CVE-2006-6811 | 2 Canonical, Kde | 2 Ubuntu Linux, Ksirc | 2024-11-21 | 6.5 Medium |
| KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow. | ||||
| CVE-2006-6767 | 1 Time-travellers | 1 Oftpd | 2024-11-21 | 7.5 High |
| oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1) LPRT or (2) LPASV command with an unsupported address family, which triggers an assertion failure. | ||||
| CVE-2006-5779 | 2 Canonical, Openldap | 2 Ubuntu Linux, Openldap | 2024-11-21 | 7.5 High |
| OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure. | ||||
| CVE-2006-4574 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2024-11-21 | 7.5 High |
| Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values. | ||||
| CVE-2006-4095 | 3 Apple, Canonical, Isc | 4 Mac Os X, Mac Os X Server, Ubuntu Linux and 1 more | 2024-11-21 | 7.5 High |
| BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. | ||||
| CVE-2024-45396 | 2 Dena, H2o Project | 2 Quicly, Quicly | 2024-11-12 | 7.5 High |
| Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit 2a95896104901589c495bc41460262e64ffcad5c. | ||||
| CVE-2024-45403 | 1 Dena | 1 H2o | 2024-11-12 | 3.7 Low |
| h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, the h2o standalone server automatically restarts, minimizing the impact. However, HTTP requests that were served concurrently will still be disrupted. The vulnerability has been addressed in commit 1ed32b2. Users may disable the use of HTTP/3 to mitigate the issue. | ||||
| CVE-2024-23385 | 1 Qualcomm | 189 205 Mobile Platform, 205 Mobile Platform Firmware, Apq8017 and 186 more | 2024-11-07 | 7.5 High |
| Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. | ||||
| CVE-2024-50613 | 1 Libsndfile Project | 1 Libsndfile | 2024-10-31 | 6.5 Medium |
| libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close. | ||||
| CVE-2024-50615 | 1 Tinyxml2 Project | 1 Tinyxml2 | 2024-10-30 | 6.5 Medium |
| TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef. | ||||
| CVE-2024-50614 | 1 Tinyxml2 Project | 1 Tinyxml2 | 2024-10-30 | 6.5 Medium |
| TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef. | ||||
| CVE-2024-10455 | 1 D3tn | 1 Ud3tn | 2024-10-29 | 7.5 High |
| Reachable Assertion in BPv7 parser in µD3TN v0.14.0 allows attacker to disrupt service via malformed Extension Block | ||||
| CVE-2024-44331 | 1 Gstreamer Project | 1 Gst-rtsp-server | 2024-10-23 | 7.5 High |
| Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests. | ||||