Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-2185

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-16 Nov, 2005 | 21:17
Updated At-08 Aug, 2024 | 03:51
Rejected At-
Credits

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:16 Nov, 2005 | 21:17
Updated At:08 Aug, 2024 | 03:51
Rejected At:
▼CVE Numbering Authority (CNA)

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.redhat.com/support/errata/RHSA-2006-0140.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/18684
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/9436
vdb-entry
x_refsource_XF
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736
vdb-entry
signature
x_refsource_OVAL
ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A
vendor-advisory
x_refsource_SGI
http://www.redhat.com/support/errata/RHSA-2006-0101.html
vendor-advisory
x_refsource_REDHAT
http://www.securityfocus.com/archive/1/428058/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://www.securityfocus.com/archive/1/427981/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://www.securityfocus.com/bid/5020
vdb-entry
x_refsource_BID
http://online.securityfocus.com/archive/1/276968
mailing-list
x_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2006-0190.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/18510
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/428028/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://www.cs.ucsb.edu/~krishna/igmp_dos/
x_refsource_MISC
http://www.securityfocus.com/archive/1/427980/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2006-0191.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/18562
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0140.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/18684
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/9436
Resource:
vdb-entry
x_refsource_XF
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0101.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.securityfocus.com/archive/1/428058/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.securityfocus.com/archive/1/427981/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.securityfocus.com/bid/5020
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://online.securityfocus.com/archive/1/276968
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0190.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/18510
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/428028/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.cs.ucsb.edu/~krishna/igmp_dos/
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/archive/1/427980/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0191.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/18562
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.redhat.com/support/errata/RHSA-2006-0140.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/18684
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/9436
vdb-entry
x_refsource_XF
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736
vdb-entry
signature
x_refsource_OVAL
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A
vendor-advisory
x_refsource_SGI
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0101.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.securityfocus.com/archive/1/428058/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.securityfocus.com/archive/1/427981/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.securityfocus.com/bid/5020
vdb-entry
x_refsource_BID
x_transferred
http://online.securityfocus.com/archive/1/276968
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0190.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/18510
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/428028/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.cs.ucsb.edu/~krishna/igmp_dos/
x_refsource_MISC
x_transferred
http://www.securityfocus.com/archive/1/427980/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0191.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/18562
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0140.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/18684
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/9436
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0101.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/428058/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/427981/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/5020
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://online.securityfocus.com/archive/1/276968
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0190.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/18510
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/428028/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.cs.ucsb.edu/~krishna/igmp_dos/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/427980/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0191.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/18562
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 Dec, 2002 | 05:00
Updated At:03 Apr, 2025 | 01:03

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.9MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 4.9
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Silicon Graphics, Inc.
sgi
>>irix>>6.5
cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.1
cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.2
cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.3
cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.4
cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.5
cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.6
cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.7
cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.8
cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.9
cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.10
cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.11
cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.12
cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.13
cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.14f
cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.14m
cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.15f
cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.15m
cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.16f
cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.16m
cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.17f
cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.17m
cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.18f
cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5.18m
cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>2.2
cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>2.2
cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>2.2
cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>2.2
cpe:2.3:o:debian:debian_linux:2.2:*:ia-32:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>2.2
cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>2.2
cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*
Mandriva (Mandrakesoft)
mandrakesoft
>>mandrake_linux>>8.0
cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*
Mandriva (Mandrakesoft)
mandrakesoft
>>mandrake_linux>>8.0
cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*
Mandriva (Mandrakesoft)
mandrakesoft
>>mandrake_linux>>8.1
cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*
Mandriva (Mandrakesoft)
mandrakesoft
>>mandrake_linux>>8.1
cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*
Mandriva (Mandrakesoft)
mandrakesoft
>>mandrake_linux>>8.2
cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_98>>*
cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_98se>>*
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_xp>>*
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_xp>>*
cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>3.0
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>3.0
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>3.0
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>4.0
cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>4.0
cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>4.0
cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_desktop>>3.0
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_desktop>>4.0
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>linux>>6.2
cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*
Red Hat, Inc.
redhat
>>linux>>6.2
cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*
Red Hat, Inc.
redhat
>>linux>>6.2
cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

IGMP 1 and 2

Vendor Statements
References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20020901-01-Acve@mitre.org
N/A
http://online.securityfocus.com/archive/1/276968cve@mitre.org
N/A
http://secunia.com/advisories/18510cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18562cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18684cve@mitre.org
Patch
Vendor Advisory
http://www.cs.ucsb.edu/~krishna/igmp_dos/cve@mitre.org
Exploit
Patch
http://www.redhat.com/support/errata/RHSA-2006-0101.htmlcve@mitre.org
Patch
http://www.redhat.com/support/errata/RHSA-2006-0140.htmlcve@mitre.org
Patch
http://www.redhat.com/support/errata/RHSA-2006-0190.htmlcve@mitre.org
Patch
http://www.redhat.com/support/errata/RHSA-2006-0191.htmlcve@mitre.org
Patch
http://www.securityfocus.com/archive/1/427980/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/427981/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/428028/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/428058/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/5020cve@mitre.org
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/9436cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736cve@mitre.org
N/A
ftp://patches.sgi.com/support/free/security/advisories/20020901-01-Aaf854a3a-2127-422b-91ae-364da2661108
N/A
http://online.securityfocus.com/archive/1/276968af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/18510af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18562af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18684af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.cs.ucsb.edu/~krishna/igmp_dos/af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
http://www.redhat.com/support/errata/RHSA-2006-0101.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.redhat.com/support/errata/RHSA-2006-0140.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.redhat.com/support/errata/RHSA-2006-0190.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.redhat.com/support/errata/RHSA-2006-0191.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/archive/1/427980/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/427981/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/428028/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/428058/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/5020af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/9436af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://online.securityfocus.com/archive/1/276968
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/18510
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18562
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18684
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.cs.ucsb.edu/~krishna/igmp_dos/
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0101.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0140.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0190.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0191.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.securityfocus.com/archive/1/427980/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/427981/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/428028/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/428058/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/5020
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/9436
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://online.securityfocus.com/archive/1/276968
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/18510
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18562
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18684
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.cs.ucsb.edu/~krishna/igmp_dos/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0101.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0140.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0190.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0191.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.securityfocus.com/archive/1/427980/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/427981/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/428028/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/428058/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/5020
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/9436
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

278Records found
CVE-2021-20317
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.85%
||
7 Day CHG~0.00%
Published-27 Sep, 2021 | 10:34
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelkernel
CWE ID-CWE-665
Improper Initialization
CVE-2019-0754
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.47% / 63.64%
||
7 Day CHG~0.00%
Published-08 Apr, 2019 | 23:34
Updated-04 Aug, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008WindowsWindows Server
CVE-2008-4510
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-1.03% / 76.45%
||
7 Day CHG~0.00%
Published-09 Oct, 2008 | 16:00
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows Vista Home and Ultimate Edition SP1 and earlier allows local users to cause a denial of service (page fault and system crash) via multiple attempts to access a virtual address in a PAGE_NOACCESS memory page.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_vistan/a
CWE ID-CWE-399
Not Available
CVE-2018-8649
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.29% / 51.85%
||
7 Day CHG~0.00%
Published-12 Dec, 2018 | 00:00
Updated-05 Aug, 2024 | 07:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 10, Windows Server 2019.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2019windows_10Windows Server 2019Windows 10
CVE-2018-8309
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.45% / 62.85%
||
7 Day CHG~0.00%
Published-11 Jul, 2018 | 00:00
Updated-05 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2008Windows Server 2008 R2Windows 10 ServersWindows Server 2012 R2Windows Server 2016Windows 10Windows Server 2012Windows 8.1Windows 7Windows RT 8.1Windows Server 2008
CVE-2018-7542
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 16.75%
||
7 Day CHG~0.00%
Published-27 Feb, 2018 | 19:00
Updated-05 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-7492
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.28%
||
7 Day CHG~0.00%
Published-26 Feb, 2018 | 20:00
Updated-05 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-8205
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.65% / 69.97%
||
7 Day CHG~0.00%
Published-14 Jun, 2018 | 12:00
Updated-05 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2008Windows Server 2008 R2Windows 10 ServersWindows Server 2012 R2Windows 10Windows Server 2012Windows 8.1Windows 7Windows RT 8.1Windows Server 2016
CVE-2018-7540
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.50%
||
7 Day CHG~0.00%
Published-27 Feb, 2018 | 19:00
Updated-05 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-7740
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 25.08%
||
7 Day CHG~0.00%
Published-07 Mar, 2018 | 08:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationvirtualization_hostenterprise_linux_desktopn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-15220
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.97%
||
7 Day CHG~0.00%
Published-19 Aug, 2019 | 21:45
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-416
Use After Free
CVE-2018-5803
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.04%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

Action-Not Available
Vendor-Linux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.The Linux Foundation
Product-enterprise_linux_serverdebian_linuxlinux_kernelenterprise_linux_workstationvirtualization_hostenterprise_linux_desktopLinux Kernel
CWE ID-CWE-20
Improper Input Validation
CVE-2018-6253
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.69%
||
7 Day CHG~0.00%
Published-02 Apr, 2018 | 16:00
Updated-17 Sep, 2024 | 03:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationLinux Kernel Organization, IncFreeBSD FoundationMicrosoft CorporationOracle Corporation
Product-freebsdsolarislinux_kernelwindowsgpu_driverGPU Display Driver
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2018-6252
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.24%
||
7 Day CHG~0.00%
Published-02 Apr, 2018 | 16:00
Updated-16 Sep, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software allows an actor access to restricted functionality that is unnecessary to production usage, and which may result in denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsgpu_driverGPU Display Driver
CVE-2018-5333
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-2.10% / 83.36%
||
7 Day CHG~0.00%
Published-11 Jan, 2018 | 07:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-2318
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 23.07%
||
7 Day CHG~0.00%
Published-06 Jul, 2022 | 00:00
Updated-03 Aug, 2024 | 00:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-debian_linuxlinux_kernelh500sh410s_firmwareh700s_firmwareh300s_firmwareh500s_firmwareh410c_firmwareh410sh410ch300sh700sKernel
CWE ID-CWE-416
Use After Free
CVE-2018-19967
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 23.39%
||
7 Day CHG~0.00%
Published-08 Dec, 2018 | 04:00
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of certain HLE transactions associated with the KACQUIRE instruction prefix.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-21899
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.30% / 53.01%
||
7 Day CHG~0.00%
Published-11 Jan, 2022 | 20:23
Updated-02 Jan, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2008Windows 10 Version 1507Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2012Windows 8.1Windows Server 2012 (Server Core installation)Windows 7Windows Server 2012 R2 (Server Core installation)Windows 7 Service Pack 1
CVE-2022-21847
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 50.60%
||
7 Day CHG~0.00%
Published-11 Jan, 2022 | 20:22
Updated-02 Jan, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Hyper-V Denial of Service Vulnerability

Windows Hyper-V Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_11windows_server_2019windows_10Windows Server 2022Windows 10 Version 21H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows 11 version 21H2Windows Server 2019Windows Server version 20H2Windows 10 Version 1909
CVE-2018-18690
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 25.20%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2022-21918
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.79% / 87.61%
||
7 Day CHG~0.00%
Published-11 Jan, 2022 | 20:23
Updated-02 Jan, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DirectX Graphics Kernel File Denial of Service Vulnerability

DirectX Graphics Kernel File Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_11windows_server_2019windows_10Windows Server 2022Windows 10 Version 21H2Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows 11 version 21H2Windows Server 2019Windows Server version 20H2Windows 10 Version 1909Windows 10 Version 20H2
CVE-2022-21815
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.07%
||
7 Day CHG~0.00%
Published-07 Feb, 2022 | 20:00
Updated-03 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-studiogpu_display_drivervirtual_gpunvswindowsteslaquadrocloud_gaming_guestgeforcertxNVIDIA GPU Display Driver
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-20796
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 5.44%
||
7 Day CHG~0.00%
Published-04 May, 2022 | 17:06
Updated-06 Nov, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.

Action-Not Available
Vendor-ClamAVDebian GNU/LinuxFedora ProjectCisco Systems, Inc.
Product-secure_endpointclamavdebian_linuxfedoraCisco AMP for Endpoints
CWE ID-CWE-822
Untrusted Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-16885
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.04% / 12.71%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 16:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. This issue only affects kernel version 3.10.x as shipped with Red Hat Enterprise Linux 7.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.The Linux Foundation
Product-enterprise_linux_serverlinux_kernelkernel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-15469
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 40.14%
||
7 Day CHG~0.00%
Published-17 Aug, 2018 | 17:00
Updated-05 Aug, 2024 | 09:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will simply not be properly set up, resulting in subsequent grant-related hypercalls hitting BUG() checks. An unprivileged guest can cause a BUG() check in the hypervisor, resulting in a denial-of-service (crash).

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-14646
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-26 Nov, 2018 | 19:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serverlinux_kernelenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopkernel:
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-1516
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.28%
||
7 Day CHG-0.00%
Published-05 May, 2022 | 14:57
Updated-03 Aug, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelKernel
CWE ID-CWE-416
Use After Free
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-12891
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 22.65%
||
7 Day CHG~0.00%
Published-02 Jul, 2018 | 17:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CVE-2022-0617
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.46%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelKernel
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-10471
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.00%
||
7 Day CHG~0.00%
Published-27 Apr, 2018 | 15:00
Updated-05 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-10883
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.07% / 21.01%
||
7 Day CHG-0.01%
Published-30 Jul, 2018 | 15:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopkernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-10882
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.10% / 28.04%
||
7 Day CHG+0.02%
Published-27 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-ubuntu_linuxdebian_linuxlinux_kernelenterprise_linuxkernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-10876
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.03% / 5.41%
||
7 Day CHG~0.00%
Published-26 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelkernel
CWE ID-CWE-416
Use After Free
CVE-2018-10872
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 24.31%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_desktopenterprise_linux_workstationenterprise_linuxkernel
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10981
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 22.17%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 22:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2018-10881
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.08% / 23.39%
||
7 Day CHG-0.00%
Published-26 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linux_for_real_time_for_nfventerprise_linux_desktopenterprise_linux_for_real_timekernel
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10940
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.14%
||
7 Day CHG-0.00%
Published-09 May, 2018 | 17:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10323
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 25.19%
||
7 Day CHG~0.00%
Published-24 Apr, 2018 | 06:00
Updated-05 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-10322
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.53%
||
7 Day CHG~0.00%
Published-24 Apr, 2018 | 06:00
Updated-05 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serverlinux_kernelenterprise_linux_workstationvirtualization_hostenterprise_linux_desktopn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-1000199
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.33% / 55.38%
||
7 Day CHG~0.00%
Published-24 May, 2018 | 13:00
Updated-05 Aug, 2024 | 12:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_server_tusenterprise_linux_desktopn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-0373
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 23.17%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 11:00
Updated-29 Nov, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for Windows Desktop could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious request to the application. A successful exploit could allow the attacker to cause a DoS condition on the affected system. Cisco Bug IDs: CSCvj47654.

Action-Not Available
Vendor-n/aCisco Systems, Inc.Microsoft Corporation
Product-windowsanyconnect_secure_mobility_clientCisco AnyConnect Secure Mobility Client unknown
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8703
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-13 Oct, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Microsoft Windows Subsystem for Linux on Microsoft Windows 10 1703 allows a denial of service vulnerability when it improperly handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10Windows Subsystem for Linux
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8704
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.34% / 56.26%
||
7 Day CHG~0.00%
Published-13 Sep, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10windows_server_2016Windows Hyper-V
CWE ID-CWE-20
Improper Input Validation
CVE-2021-4147
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 14.99%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.

Action-Not Available
Vendor-n/aRed Hat, Inc.NetApp, Inc.Fedora Project
Product-ontap_select_deploy_administration_utilitylibvirtfedoralibvirt
CWE ID-CWE-667
Improper Locking
CVE-2017-8112
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 17.41%
||
7 Day CHG~0.00%
Published-02 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2017-7560
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 29.25%
||
7 Day CHG~0.00%
Published-13 Sep, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes.

Action-Not Available
Vendor-Red Hat, Inc.
Product-rhnsdrhnsd
CWE ID-CWE-377
Insecure Temporary File
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2017-8086
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 23.39%
||
7 Day CHG~0.00%
Published-02 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-8515
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 59.12%
||
7 Day CHG~0.00%
Published-15 Jun, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an unauthenticated attacker to send a specially crafted kernel mode request to cause a denial of service on the target system, aka "Windows VAD Cloning Denial of Service Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10windows_server_2016Microsoft Windows
CVE-2017-8379
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 23.39%
||
7 Day CHG~0.00%
Published-23 May, 2017 | 03:56
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.

Action-Not Available
Vendor-n/aQEMUDebian GNU/LinuxRed Hat, Inc.
Product-qemudebian_linuxopenstackn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-6260
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 13.24%
||
7 Day CHG~0.00%
Published-28 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper function where an incorrect calculation of string length may lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-gpu_driverwindowsNVIDIA Windows GPU Display Driver
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found