Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2000-1107

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-22 Jan, 2001 | 05:00
Updated At-08 Aug, 2024 | 05:45
Rejected At-
Credits

in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:22 Jan, 2001 | 05:00
Updated At:08 Aug, 2024 | 05:45
Rejected At:
â–¼CVE Numbering Authority (CNA)

in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.html
mailing-list
x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/5590
vdb-entry
x_refsource_XF
http://www.securityfocus.com/bid/2015
vdb-entry
x_refsource_BID
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/5590
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/bid/2015
Resource:
vdb-entry
x_refsource_BID
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/5590
vdb-entry
x_refsource_XF
x_transferred
http://www.securityfocus.com/bid/2015
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/5590
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/bid/2015
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 Jan, 2001 | 05:00
Updated At:16 Apr, 2026 | 00:27

in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
SUSE
suse
>>suse_linux>>6.0
cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>6.1
cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>6.2
cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>6.3
cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>6.4
cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>7.0
cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.htmlcve@mitre.org
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/2015cve@mitre.org
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5590cve@mitre.org
N/A
http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/2015af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5590af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.html
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/2015
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/5590
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/2015
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/5590
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

69Records found
CVE-2005-0470
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.21% / 79.21%
||
7 Day CHG~0.00%
Published-19 Feb, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data.

Action-Not Available
Vendor-wpa_supplicantn/aGentoo Foundation, Inc.SUSE
Product-linuxsuse_linuxwpa_supplicantn/a
CVE-2004-1174
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.14% / 78.64%
||
7 Day CHG~0.00%
Published-22 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."

Action-Not Available
Vendor-turbolinuxn/aDebian GNU/LinuxMidnight CommanderGentoo Foundation, Inc.Red Hat, Inc.SUSE
Product-debian_linuxlinuxlinux_advanced_workstationturbolinux_workstationsuse_linuxmidnight_commanderturbolinux_serverenterprise_linuxn/a
CVE-2004-0807
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-9.85% / 93.08%
||
7 Day CHG~0.00%
Published-14 Sep, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

Action-Not Available
Vendor-conectivan/aMandriva (Mandrakesoft)Silicon Graphics, Inc.SambaSUSE
Product-mandrake_linuxlinuxsuse_linuxsamban/a
CVE-2015-8930
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.80% / 89.61%
||
7 Day CHG~0.00%
Published-20 Sep, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.

Action-Not Available
Vendor-n/aCanonical Ltd.libarchiveSUSE
Product-ubuntu_linuxlinux_enterprise_desktoplinux_enterprise_serverlibarchivelinux_enterprise_software_development_kitn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-1285
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.82% / 91.44%
||
7 Day CHG~0.00%
Published-06 Mar, 2007 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

Action-Not Available
Vendor-n/aCanonical Ltd.SUSENovellRed Hat, Inc.The PHP Group
Product-ubuntu_linuxenterprise_linux_serverenterprise_linux_workstationphpsuse_linuxenterprise_linux_desktoplinux_enterprise_servern/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2005-1043
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.11% / 78.38%
||
7 Day CHG~0.00%
Published-12 Apr, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

Action-Not Available
Vendor-conectivapeachtreen/aApple Inc.Silicon Graphics, Inc.The PHP GroupSUSE
Product-mac_os_xlinuxphpsuse_linuxpropackpeachtree_linuxmac_os_x_servern/a
CVE-2005-0384
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-5||MEDIUM
EPSS-12.77% / 94.10%
||
7 Day CHG~0.00%
Published-18 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.

Action-Not Available
Vendor-trustixn/aUbuntuRed Hat, Inc.SUSE
Product-secure_linuxsuse_linuxubuntu_linuxenterprise_linuxn/a
CVE-2005-0398
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-4.06% / 88.67%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.

Action-Not Available
Vendor-ipsec-toolsaltlinuxkamen/aRed Hat, Inc.Silicon Graphics, Inc.SUSE
Product-alt_linuxipsec-toolssuse_linuxracoonpropackenterprise_linux_desktopenterprise_linuxn/a
CVE-2004-1093
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.06% / 77.89%
||
7 Day CHG~0.00%
Published-22 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

Action-Not Available
Vendor-turbolinuxn/aDebian GNU/LinuxMidnight CommanderGentoo Foundation, Inc.Red Hat, Inc.SUSE
Product-debian_linuxlinuxlinux_advanced_workstationturbolinux_workstationsuse_linuxmidnight_commanderturbolinux_serverenterprise_linuxn/a
CVE-2004-1139
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-6.15% / 90.92%
||
7 Day CHG~0.00%
Published-31 Dec, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

Action-Not Available
Vendor-conectivaaltlinuxethereal_groupn/aDebian GNU/LinuxSilicon Graphics, Inc.Red Hat, Inc.SUSE
Product-alt_linuxdebian_linuxlinuxlinux_advanced_workstationetherealsuse_linuxpropackenterprise_linux_desktopenterprise_linuxn/a
CVE-2004-0886
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-10.99% / 93.52%
||
7 Day CHG~0.00%
Published-26 Oct, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.

Action-Not Available
Vendor-trustixwxgtk2pdflibn/aApple Inc.LibTIFFMandriva (Mandrakesoft)Red Hat, Inc.KDESUSE
Product-mac_os_xwxgtk2kdelinux_advanced_workstationmandrake_linuxsuse_linuxfedora_coreenterprise_linux_desktoppdf_librarysecure_linuxlibtiffenterprise_linuxmac_os_x_servern/a
CVE-2004-1009
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.29% / 79.88%
||
7 Day CHG~0.00%
Published-22 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

Action-Not Available
Vendor-turbolinuxn/aDebian GNU/LinuxMidnight CommanderGentoo Foundation, Inc.Red Hat, Inc.SUSE
Product-debian_linuxlinuxlinux_advanced_workstationturbolinux_workstationsuse_linuxmidnight_commanderturbolinux_serverenterprise_linuxn/a
CVE-2004-1142
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.83% / 92.64%
||
7 Day CHG~0.00%
Published-31 Dec, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

Action-Not Available
Vendor-conectivaaltlinuxethereal_groupn/aDebian GNU/LinuxSilicon Graphics, Inc.Red Hat, Inc.SUSE
Product-alt_linuxdebian_linuxlinuxlinux_advanced_workstationetherealsuse_linuxpropackenterprise_linux_desktopenterprise_linuxn/a
CVE-2004-0956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.05% / 77.76%
||
7 Day CHG~0.00%
Published-05 Dec, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.

Action-Not Available
Vendor-n/aOracle CorporationUbuntuSUSE
Product-suse_linuxubuntu_linuxmysqln/a
CVE-2004-1092
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 73.62%
||
7 Day CHG~0.00%
Published-22 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.

Action-Not Available
Vendor-turbolinuxn/aDebian GNU/LinuxMidnight CommanderGentoo Foundation, Inc.Red Hat, Inc.SUSE
Product-debian_linuxlinuxlinux_advanced_workstationturbolinux_workstationsuse_linuxmidnight_commanderturbolinux_serverenterprise_linuxn/a
CVE-2009-2625
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-5||MEDIUM
EPSS-1.11% / 78.39%
||
7 Day CHG-0.14%
Published-06 Aug, 2009 | 15:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEOracle CorporationSUSEThe Apache Software FoundationDebian GNU/LinuxFedora Project
Product-debian_linuxubuntu_linuxprimavera_p6_enterprise_project_portfolio_managementjdklinux_enterprise_serverprimavera_web_servicesfedoraxerces2_javaopensusen/a
CVE-2004-0626
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.74% / 82.73%
||
7 Day CHG~0.00%
Published-06 Jul, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.

Action-Not Available
Vendor-conectivan/aLinux Kernel Organization, IncGentoo Foundation, Inc.SUSE
Product-linux_kernellinuxsuse_linuxn/a
CVE-1999-0831
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.52% / 67.04%
||
7 Day CHG~0.00%
Published-18 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Linux syslogd via a large number of connections.

Action-Not Available
Vendor-cobaltn/aDebian GNU/LinuxSun Microsystems (Oracle Corporation)SUSE
Product-debian_linuxcobalt_raqsuse_linuxcobalt_raq_3iqubecobalt_raq_2n/a
CVE-2005-3626
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-9.17% / 92.79%
||
7 Day CHG~0.00%
Published-06 Jan, 2006 | 22:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

Action-Not Available
Vendor-conectivascopopplertrustixtetexxpdflibextractoreasy_software_productsturbolinuxn/aDebian GNU/LinuxMandriva (Mandrakesoft)SlackwareSilicon Graphics, Inc.Gentoo Foundation, Inc.UbuntuRed Hat, Inc.KDESUSE
Product-linuxturbolinux_workstationcupspropackturbolinuxkwordfedora_coresecure_linuxkpdflibextractorslackware_linuxpopplerturbolinux_homeenterprise_linuxkdegraphicsdebian_linuxopenserverxpdfubuntu_linuxlinux_advanced_workstationmandrake_linuxsuse_linuxturbolinux_personalenterprise_linux_desktopkofficetetexturbolinux_desktopturbolinux_multimediaturbolinux_serverturbolinux_appliance_servermandrake_linux_corporate_servern/a
CVE-2002-20001
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-14.68% / 94.57%
||
7 Day CHG~0.00%
Published-11 Nov, 2021 | 00:00
Updated-22 Aug, 2025 | 10:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Action-Not Available
Vendor-stormshieldbalasysn/aHewlett Packard Enterprise (HPE)SUSEF5, Inc.Siemens AG
Product-aruba_cx_8400big-ip_ddos_hybrid_defenderbig-iq_centralized_managementbig-ip_webacceleratoraruba_cx_4100ibig-ip_application_visibility_and_reportingaruba_cx_6300mbig-ip_access_policy_managerf5os-aaruba_cx_6200faruba_cx_6410big-ip_global_traffic_managerbig-ip_local_traffic_managerarubaos-cxaruba_cx_8360-12cbig-ip_domain_name_systembig-ip_carrier-grade_nataruba_cx_6200mbig-ip_application_acceleration_managerscalance_w1750d_firmwarearuba_cx_8360-32y4caruba_cx_8325-48y8cbig-ip_websafearuba_cx_8360-16y2cstormshield_management_centeraruba_cx_8325-32caruba_cx_6405dheateraruba_cx_6300fbig-ip_ssl_orchestratoraruba_cx_8360-48y6cbig-ip_analyticsbig-ip_fraud_protection_servicebig-ip_service_proxyscalance_w1750dbig-ip_advanced_web_application_firewallaruba_cx_6100linux_enterprise_serverbig-ip_advanced_firewall_managerbig-ip_application_security_managerbig-ip_edge_gatewayaruba_cx_8360-24xf2caruba_cx_8320traffix_signaling_delivery_controllerbig-ip_policy_enforcement_managerf5os-caruba_cx_8360-48xt4cstormshield_network_securitybig-ip_link_controllern/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2005-3322
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.71% / 72.47%
||
7 Day CHG~0.00%
Published-27 Oct, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL).

Action-Not Available
Vendor-squidn/aSUSE
Product-squidsuse_linuxn/a
CVE-2009-0949
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-22.43% / 95.91%
||
7 Day CHG~0.00%
Published-09 Jun, 2009 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags.

Action-Not Available
Vendor-n/aCanonical Ltd.Apple Inc.openSUSESUSEDebian GNU/Linux
Product-debian_linuxubuntu_linuxmac_os_xlinux_enterprisemac_os_x_servercupsopensusen/a
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2004-0592
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 73.12%
||
7 Day CHG~0.00%
Published-23 Jan, 2006 | 20:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2015-6855
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-4.25% / 88.93%
||
7 Day CHG~0.00%
Published-06 Nov, 2015 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.

Action-Not Available
Vendor-n/aCanonical Ltd.QEMUSUSEDebian GNU/LinuxFedora ProjectArista Networks, Inc.
Product-debian_linuxubuntu_linuxlinux_enterprise_desktopqemueoslinux_enterprise_serverfedoran/a
CWE ID-CWE-369
Divide By Zero
CVE-2004-1091
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.06% / 77.89%
||
7 Day CHG~0.00%
Published-22 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.

Action-Not Available
Vendor-turbolinuxn/aDebian GNU/LinuxMidnight CommanderGentoo Foundation, Inc.Red Hat, Inc.SUSE
Product-debian_linuxlinuxlinux_advanced_workstationturbolinux_workstationsuse_linuxmidnight_commanderturbolinux_serverenterprise_linuxn/a
CVE-2004-1090
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.06% / 77.89%
||
7 Day CHG~0.00%
Published-22 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

Action-Not Available
Vendor-turbolinuxn/aDebian GNU/LinuxMidnight CommanderGentoo Foundation, Inc.Red Hat, Inc.SUSE
Product-debian_linuxlinuxlinux_advanced_workstationturbolinux_workstationsuse_linuxmidnight_commanderturbolinux_serverenterprise_linuxn/a
CVE-2021-41817
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.50% / 65.96%
||
7 Day CHG~0.00%
Published-01 Jan, 2022 | 00:00
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

Action-Not Available
Vendor-n/aFedora ProjectDebian GNU/LinuxRubySUSEopenSUSERed Hat, Inc.
Product-debian_linuxfactorysoftware_collectionslinux_enterprisefedoraenterprise_linuxrubydateleapn/a
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CVE-2010-1634
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.21% / 79.26%
||
7 Day CHG~0.00%
Published-27 May, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSESUSEPython Software FoundationFedora Project
Product-pythonubuntu_linuxlinux_enterprise_serverfedoraopensusen/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-1999-0746
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-6.03% / 90.83%
||
7 Day CHG~0.00%
Published-22 Mar, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.

Action-Not Available
Vendor-n/aSlackwareSUSE
Product-suse_linuxslackware_linuxn/a
CVE-1999-0804
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.41% / 90.25%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, IncRed Hat, Inc.SUSE
Product-debian_linuxlinux_kernellinuxsuse_linuxn/a
CVE-2018-17962
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.90%
||
7 Day CHG~0.00%
Published-09 Oct, 2018 | 22:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

Action-Not Available
Vendor-n/aSUSEDebian GNU/LinuxRed Hat, Inc.QEMUOracle CorporationCanonical Ltd.
Product-ubuntu_linuxlinux_enterprise_serverdebian_linuxqemulinuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-12122
Matching Score-8
Assigner-Node.js
ShareView Details
Matching Score-8
Assigner-Node.js
CVSS Score-7.5||HIGH
EPSS-2.34% / 85.07%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 17:00
Updated-13 Dec, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.

Action-Not Available
Vendor-Node.js (OpenJS Foundation)SUSE
Product-node.jssuse_openstack_cloudsuse_enterprise_storagesuse_linux_enterprise_serverNode.js
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2015-5300
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-36.84% / 97.21%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

Action-Not Available
Vendor-ntpn/aCanonical Ltd.openSUSESUSERed Hat, Inc.Debian GNU/LinuxFedora Project
Product-debian_linuxubuntu_linuxlinux_enterprise_desktopenterprise_linux_desktopntplinux_enterprise_debuginfolinux_enterprise_serverenterprise_linux_server_eusfedoralinux_enterprise_software_development_kitenterprise_linux_hpc_node_eusenterprise_linux_serverenterprise_linux_workstationmanagersuse_linux_enterprise_servermanager_proxyleapenterprise_linux_hpc_nodeopenstack_cloudopensusen/a
CVE-2015-5219
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.24% / 84.77%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

Action-Not Available
Vendor-ntpn/aCanonical Ltd.openSUSEOracle CorporationSiemens AGSUSENovellRed Hat, Inc.Debian GNU/LinuxFedora Project
Product-debian_linuxubuntu_linuxenterprise_linux_desktopntplinux_enterprise_debuginfolinux_enterprise_serverfedoratim_4r-id_dnp3tim_4r-ieenterprise_linux_serverenterprise_linux_workstationmanagertim_4r-id_dnp3_firmwaremanager_proxyleaplinuxenterprise_linux_hpc_nodetim_4r-ie_firmwareopenstack_cloudn/a
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2016-9398
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.11% / 88.74%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 18:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

Action-Not Available
Vendor-n/aJasPeropenSUSESUSEFedora Project
Product-linux_enterprise_desktopjasperleaplinux_enterprise_serverfedoralinux_enterprise_software_development_kitn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2016-7797
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.42% / 85.30%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

Action-Not Available
Vendor-clusterlabsn/aopenSUSERed Hat, Inc.SUSE
Product-pacemakerlinux_enterprise_high_availabilityleapenterprise_linux_high_availabilityenterprise_linux_resilient_storagelinux_enterprise_software_development_kitn/a
CVE-2016-4957
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-59.07% / 98.26%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationNovellSUSE
Product-linux_enterprise_desktopsuse_managerntpmanager_proxyleapsolarislinux_enterprise_serveropenstack_cloudopensusen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-4956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.40% / 80.65%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationSiemens AGSUSENovell
Product-simatic_net_cp_443-1_opc_ualinux_enterprise_desktopsuse_managerntpmanager_proxyleapsolarislinux_enterprise_serversimatic_net_cp_443-1_opc_ua_firmwareopenstack_cloudopensusen/a
CVE-2016-4954
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.47% / 90.30%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationSiemens AGSUSE
Product-tim_4r-iesimatic_net_cp_443-1_opc_ualinux_enterprise_desktoptim_4r-ie_dnp3_firmwaremanagertim_4r-ie_dnp3ntpmanager_proxyleapsolarislinux_enterprise_servertim_4r-ie_firmwaresimatic_net_cp_443-1_opc_ua_firmwareopenstack_cloudopensusen/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2016-5285
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-1.63% / 82.10%
||
7 Day CHG~0.00%
Published-15 Nov, 2019 | 15:44
Updated-06 Aug, 2024 | 00:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

Action-Not Available
Vendor-SUSEDebian GNU/LinuxRed Hat, Inc.Mozilla CorporationAvaya LLC
Product-call_management_systemlinux_enterprise_serveraura_application_server_5300cs1000e\/cs1000m_signaling_server_firmwareaura_communication_managermessage_networkingcs1000m_firmwareproactive_contactiqcs1000e_firmwareaura_system_platformbreeze_platformaura_application_enablement_servicesaura_system_platform_firmwareaura_communication_manager_messagintone-x_client_enablement_servicesip_officeaura_system_manageraura_utility_servicesaura_conferencingaura_experience_portalaura_session_managersession_border_controller_for_enterpriseenterprise_linuxcs1000msession_border_controller_for_enterprise_firmwaremeeting_exchangecs1000edebian_linuxaura_messagingcs1000e\/cs1000m_signaling_servernssNetwork Security Services
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-4953
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-13.62% / 94.34%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationSiemens AGSUSE
Product-tim_4r-iesimatic_net_cp_443-1_opc_ualinux_enterprise_desktoptim_4r-ie_dnp3_firmwaremanagertim_4r-ie_dnp3ntpmanager_proxyleapsolarislinux_enterprise_servertim_4r-ie_firmwaresimatic_net_cp_443-1_opc_ua_firmwareopenstack_cloudopensusen/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-1286
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.6||HIGH
EPSS-53.59% / 98.02%
||
7 Day CHG~0.00%
Published-09 Mar, 2016 | 23:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEJuniper Networks, Inc.Internet Systems Consortium, Inc.SUSEDebian GNU/LinuxFedora Project
Product-srx2300ubuntu_linuxsrx345srx1600srx110fedorasrx5800srx300srx4700vsrxsrx380managersrx550_hmsrx550msrx650srx1400srx240mleapsrx3400srx4000srx100opensusesrx1500debian_linuxlinux_enterprise_desktopsrx340srx4100srx5600linux_enterprise_debuginfolinux_enterprise_serversrx320srx3600srx4300linux_enterprise_software_development_kitsrx4600srx240h2junossrx5000srx220manager_proxysrx4200bindsrx550srx5400srx210openstack_cloudsrx240n/a
CVE-2015-5194
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-8.41% / 92.43%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

Action-Not Available
Vendor-ntpn/aCanonical Ltd.SUSERed Hat, Inc.Debian GNU/LinuxFedora Project
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmanagerenterprise_linux_desktopntpmanager_proxylinux_enterprise_debuginfolinux_enterprise_serverenterprise_linux_hpc_nodefedoraopenstack_cloudn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2695
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.58% / 89.34%
||
7 Day CHG~0.00%
Published-09 Nov, 2015 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEOracle CorporationMIT (Massachusetts Institute of Technology)SUSEDebian GNU/Linux
Product-debian_linuxubuntu_linuxlinux_enterprise_desktopkerberos_5leapsolarislinux_enterprise_serverlinux_enterprise_software_development_kitopensusen/a
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2015-2568
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-4.02% / 88.60%
||
7 Day CHG+0.06%
Published-16 Apr, 2015 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationSUSERed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxlinux_enterprise_desktopenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_server_tussolarislinux_enterprise_servercommunications_policy_managemententerprise_linux_eusenterprise_linux_server_auslinux_enterprise_software_development_kitn/a
CVE-2015-3195
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-3.48% / 87.73%
||
7 Day CHG~0.00%
Published-06 Dec, 2015 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.

Action-Not Available
Vendor-n/aCanonical Ltd.Apple Inc.openSUSEOracle CorporationSUSEOpenSSLRed Hat, Inc.Debian GNU/LinuxFedora Project
Product-vm_serverubuntu_linuxdebian_linuxmac_os_xsun_ray_softwareapi_gatewayenterprise_linux_server_tusenterprise_linux_desktopvm_virtualboxlife_sciences_data_hublinux_enterprise_serverenterprise_linux_server_ausfedoraintegrated_lights_out_manager_firmwarehttp_servercommunications_webrtc_session_controllerenterprise_linux_serverenterprise_linux_workstationtransportation_managementleapsolarislinuxopensslexalogic_infrastructureopensusen/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-0272
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.91% / 76.08%
||
7 Day CHG~0.00%
Published-17 Nov, 2015 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

Action-Not Available
Vendor-n/aCanonical Ltd.The GNOME ProjectOracle CorporationSUSE
Product-ubuntu_linuxlinux_enterprise_desktopnetworkmanagerlinux_enterprise_workstation_extensionlinux_enterprise_real_time_extensionlinux_enterprise_debuginfolinux_enterprise_serverlinuxlinux_enterprise_software_development_kitn/a
CVE-2014-9116
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.52% / 87.79%
||
7 Day CHG~0.00%
Published-02 Dec, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.

Action-Not Available
Vendor-muttmageian/aDebian GNU/LinuxSUSE
Product-debian_linuxlinux_enterprise_desktopmuttsuse_linux_enterprise_servermageian/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9854
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.94% / 83.66%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

Action-Not Available
Vendor-n/aCanonical Ltd.ImageMagick Studio LLCopenSUSESUSE
Product-imagemagickubuntu_linuxsuse_linux_enterprise_serverleaplinux_enterprise_serverlinux_enterprise_software_development_kitopensusen/a
CVE-2014-8121
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-2.53% / 85.64%
||
7 Day CHG~0.00%
Published-27 Mar, 2015 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.

Action-Not Available
Vendor-n/aCanonical Ltd.GNUSUSE
Product-glibcsuse_linux_enterprise_desktopubuntu_linuxsuse_linux_enterprise_servern/a
  • Previous
  • 1
  • 2
  • Next
Details not found