Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2004-0807

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-14 Sep, 2004 | 04:00
Updated At-08 Aug, 2024 | 00:31
Rejected At-
Credits

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:14 Sep, 2004 | 04:00
Updated At:08 Aug, 2024 | 00:31
Rejected At:
â–¼CVE Numbering Authority (CNA)

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141
vdb-entry
signature
x_refsource_OVAL
http://www.trustix.net/errata/2004/0046/
vendor-advisory
x_refsource_TRUSTIX
http://www.redhat.com/support/errata/RHSA-2004-467.html
vendor-advisory
x_refsource_REDHAT
http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities
third-party-advisory
x_refsource_IDEFENSE
http://marc.info/?l=bugtraq&m=109509335230495&w=2
mailing-list
x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=109526231623307&w=2
mailing-list
x_refsource_BUGTRAQ
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873
vendor-advisory
x_refsource_CONECTIVA
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092
vendor-advisory
x_refsource_MANDRAKE
ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P
vendor-advisory
x_refsource_SGI
http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.trustix.net/errata/2004/0046/
Resource:
vendor-advisory
x_refsource_TRUSTIX
Hyperlink: http://www.redhat.com/support/errata/RHSA-2004-467.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities
Resource:
third-party-advisory
x_refsource_IDEFENSE
Hyperlink: http://marc.info/?l=bugtraq&m=109509335230495&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://marc.info/?l=bugtraq&m=109526231623307&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873
Resource:
vendor-advisory
x_refsource_CONECTIVA
Hyperlink: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092
Resource:
vendor-advisory
x_refsource_MANDRAKE
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml
Resource:
vendor-advisory
x_refsource_GENTOO
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.trustix.net/errata/2004/0046/
vendor-advisory
x_refsource_TRUSTIX
x_transferred
http://www.redhat.com/support/errata/RHSA-2004-467.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities
third-party-advisory
x_refsource_IDEFENSE
x_transferred
http://marc.info/?l=bugtraq&m=109509335230495&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://marc.info/?l=bugtraq&m=109526231623307&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873
vendor-advisory
x_refsource_CONECTIVA
x_transferred
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092
vendor-advisory
x_refsource_MANDRAKE
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P
vendor-advisory
x_refsource_SGI
x_transferred
http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.trustix.net/errata/2004/0046/
Resource:
vendor-advisory
x_refsource_TRUSTIX
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2004-467.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities
Resource:
third-party-advisory
x_refsource_IDEFENSE
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=109509335230495&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=109526231623307&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873
Resource:
vendor-advisory
x_refsource_CONECTIVA
x_transferred
Hyperlink: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092
Resource:
vendor-advisory
x_refsource_MANDRAKE
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 Sep, 2004 | 04:00
Updated At:16 Apr, 2026 | 00:27

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Samba
samba
>>samba>>3.0.0
cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.1
cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.2
cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.2a
cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.3
cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.4
cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.4
cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.5
cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.6
cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>samba>>3.0
cpe:2.3:a:sgi:samba:3.0:*:irix:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>samba>>3.0.1
cpe:2.3:a:sgi:samba:3.0.1:*:irix:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>samba>>3.0.2
cpe:2.3:a:sgi:samba:3.0.2:*:irix:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>samba>>3.0.3
cpe:2.3:a:sgi:samba:3.0.3:*:irix:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>samba>>3.0.4
cpe:2.3:a:sgi:samba:3.0.4:*:irix:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>samba>>3.0.5
cpe:2.3:a:sgi:samba:3.0.5:*:irix:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>samba>>3.0.6
cpe:2.3:a:sgi:samba:3.0.6:*:irix:*:*:*:*:*
conectiva
conectiva
>>linux>>9.0
cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*
conectiva
conectiva
>>linux>>10.0
cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*
Mandriva (Mandrakesoft)
mandrakesoft
>>mandrake_linux>>10.0
cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
Mandriva (Mandrakesoft)
mandrakesoft
>>mandrake_linux>>10.0
cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
SUSE
suse
>>suse_linux>>8
cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
SUSE
suse
>>suse_linux>>8.1
cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>8.2
cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>9.0
cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>9.0
cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
SUSE
suse
>>suse_linux>>9.0
cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
SUSE
suse
>>suse_linux>>9.1
cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20041201-01-Pcve@mitre.org
N/A
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873cve@mitre.org
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=109509335230495&w=2cve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=109526231623307&w=2cve@mitre.org
N/A
http://www.gentoo.org/security/en/glsa/glsa-200409-16.xmlcve@mitre.org
Patch
Vendor Advisory
http://www.idefense.com/application/poi/display?id=139&type=vulnerabilitiescve@mitre.org
Patch
Vendor Advisory
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2004-467.htmlcve@mitre.org
Patch
Vendor Advisory
http://www.trustix.net/errata/2004/0046/cve@mitre.org
Patch
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141cve@mitre.org
N/A
ftp://patches.sgi.com/support/free/security/advisories/20041201-01-Paf854a3a-2127-422b-91ae-364da2661108
N/A
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=109509335230495&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=109526231623307&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.gentoo.org/security/en/glsa/glsa-200409-16.xmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.idefense.com/application/poi/display?id=139&type=vulnerabilitiesaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2004-467.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.trustix.net/errata/2004/0046/af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=109509335230495&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=109526231623307&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2004-467.html
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.trustix.net/errata/2004/0046/
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000873
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=109509335230495&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=109526231623307&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200409-16.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.idefense.com/application/poi/display?id=139&type=vulnerabilities
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:092
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2004-467.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.trustix.net/errata/2004/0046/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11141
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

150Records found
CVE-2016-7797
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.42% / 85.49%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

Action-Not Available
Vendor-clusterlabsn/aopenSUSERed Hat, Inc.SUSE
Product-pacemakerlinux_enterprise_high_availabilityleapenterprise_linux_high_availabilityenterprise_linux_resilient_storagelinux_enterprise_software_development_kitn/a
CVE-2013-3801
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.62% / 70.61%
||
7 Day CHG~0.00%
Published-17 Jul, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

Action-Not Available
Vendor-n/aMariaDB FoundationopenSUSEOracle CorporationSUSE
Product-linux_enterprise_desktopmariadbmysqllinux_enterprise_serverlinux_enterprise_software_development_kitopensusen/a
CVE-2016-4956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.42% / 81.06%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationSiemens AGSUSENovell
Product-simatic_net_cp_443-1_opc_ualinux_enterprise_desktopsuse_managerntpmanager_proxyleapsolarislinux_enterprise_serversimatic_net_cp_443-1_opc_ua_firmwareopenstack_cloudopensusen/a
CVE-2016-5285
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-1.63% / 82.34%
||
7 Day CHG~0.00%
Published-15 Nov, 2019 | 15:44
Updated-06 Aug, 2024 | 00:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

Action-Not Available
Vendor-SUSEDebian GNU/LinuxRed Hat, Inc.Mozilla CorporationAvaya LLC
Product-call_management_systemlinux_enterprise_serveraura_application_server_5300cs1000e\/cs1000m_signaling_server_firmwareaura_communication_managermessage_networkingcs1000m_firmwareproactive_contactiqcs1000e_firmwareaura_system_platformbreeze_platformaura_application_enablement_servicesaura_system_platform_firmwareaura_communication_manager_messagintone-x_client_enablement_servicesip_officeaura_system_manageraura_utility_servicesaura_conferencingaura_experience_portalaura_session_managersession_border_controller_for_enterpriseenterprise_linuxcs1000msession_border_controller_for_enterprise_firmwaremeeting_exchangecs1000edebian_linuxaura_messagingcs1000e\/cs1000m_signaling_servernssNetwork Security Services
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-4953
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.72% / 94.17%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationSiemens AGSUSE
Product-tim_4r-iesimatic_net_cp_443-1_opc_ualinux_enterprise_desktoptim_4r-ie_dnp3_firmwaremanagertim_4r-ie_dnp3ntpmanager_proxyleapsolarislinux_enterprise_servertim_4r-ie_firmwaresimatic_net_cp_443-1_opc_ua_firmwareopenstack_cloudopensusen/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-4954
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.87% / 88.54%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationSiemens AGSUSE
Product-tim_4r-iesimatic_net_cp_443-1_opc_ualinux_enterprise_desktoptim_4r-ie_dnp3_firmwaremanagertim_4r-ie_dnp3ntpmanager_proxyleapsolarislinux_enterprise_servertim_4r-ie_firmwaresimatic_net_cp_443-1_opc_ua_firmwareopenstack_cloudopensusen/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2016-4957
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-53.72% / 98.06%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationNovellSUSE
Product-linux_enterprise_desktopsuse_managerntpmanager_proxyleapsolarislinux_enterprise_serveropenstack_cloudopensusen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-1999-0804
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.41% / 90.38%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, IncRed Hat, Inc.SUSE
Product-debian_linuxlinux_kernellinuxsuse_linuxn/a
CVE-1999-0831
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.52% / 67.36%
||
7 Day CHG~0.00%
Published-18 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Linux syslogd via a large number of connections.

Action-Not Available
Vendor-cobaltn/aDebian GNU/LinuxSun Microsystems (Oracle Corporation)SUSE
Product-debian_linuxcobalt_raqsuse_linuxcobalt_raq_3iqubecobalt_raq_2n/a
CVE-2005-0470
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.21% / 79.44%
||
7 Day CHG~0.00%
Published-19 Feb, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data.

Action-Not Available
Vendor-wpa_supplicantn/aGentoo Foundation, Inc.SUSE
Product-linuxsuse_linuxwpa_supplicantn/a
CVE-2007-6284
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-5.55% / 90.50%
||
7 Day CHG+0.45%
Published-12 Jan, 2008 | 02:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

Action-Not Available
Vendor-n/aMandriva (Mandrakesoft)Red Hat, Inc.Debian GNU/Linux
Product-mandrake_linux_corporate_serverdebian_linuxmandrake_linuxfedoran/a
CVE-2007-1546
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-9.96% / 93.23%
||
7 Day CHG~0.00%
Published-20 Mar, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c.

Action-Not Available
Vendor-radscann/aMandriva (Mandrakesoft)
Product-mandrake_linuxnetwork_audio_systemn/a
CVE-2005-0472
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-8.20% / 92.42%
||
7 Day CHG~0.00%
Published-19 Feb, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.

Action-Not Available
Vendor-rob_flynnn/aMandriva (Mandrakesoft)Red Hat, Inc.
Product-mandrake_linuxenterprise_linux_desktopgaimenterprise_linuxmandrake_linux_corporate_servern/a
CVE-2007-1545
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.30% / 92.47%
||
7 Day CHG~0.00%
Published-20 Mar, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID.

Action-Not Available
Vendor-radscann/aMandriva (Mandrakesoft)
Product-mandrake_linuxnetwork_audio_systemn/a
CVE-2007-1544
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-9.10% / 92.87%
||
7 Day CHG~0.00%
Published-20 Mar, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value.

Action-Not Available
Vendor-radscann/aMandriva (Mandrakesoft)
Product-mandrake_linuxnetwork_audio_systemn/a
CVE-2007-1285
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.68% / 90.63%
||
7 Day CHG-1.14%
Published-06 Mar, 2007 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

Action-Not Available
Vendor-n/aCanonical Ltd.SUSENovellRed Hat, Inc.The PHP Group
Product-ubuntu_linuxenterprise_linux_serverenterprise_linux_workstationphpsuse_linuxenterprise_linux_desktoplinux_enterprise_servern/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2013-4458
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.20% / 79.39%
||
7 Day CHG~0.00%
Published-12 Dec, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.

Action-Not Available
Vendor-n/aSUSEGNU
Product-linux_enterprise_serverglibclinux_enterprise_debuginfon/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-17962
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 50.34%
||
7 Day CHG~0.00%
Published-09 Oct, 2018 | 22:00
Updated-05 Aug, 2024 | 11:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

Action-Not Available
Vendor-n/aSUSEDebian GNU/LinuxRed Hat, Inc.QEMUOracle CorporationCanonical Ltd.
Product-ubuntu_linuxlinux_enterprise_serverdebian_linuxqemulinuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2006-3403
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-29.76% / 96.76%
||
7 Day CHG~0.00%
Published-12 Jul, 2006 | 19:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.

Action-Not Available
Vendor-n/aSamba
Product-samban/a
CVE-2005-3626
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-9.17% / 92.90%
||
7 Day CHG~0.00%
Published-06 Jan, 2006 | 22:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

Action-Not Available
Vendor-xpdfscoeasy_software_productsconectivalibextractorturbolinuxtetextrustixpopplern/aDebian GNU/LinuxMandriva (Mandrakesoft)SlackwareSilicon Graphics, Inc.Gentoo Foundation, Inc.UbuntuRed Hat, Inc.KDESUSE
Product-linuxturbolinux_workstationcupspropackturbolinuxkwordfedora_coresecure_linuxkpdflibextractorslackware_linuxpopplerturbolinux_homeenterprise_linuxkdegraphicsdebian_linuxopenserverxpdfubuntu_linuxlinux_advanced_workstationmandrake_linuxsuse_linuxturbolinux_personalenterprise_linux_desktopkofficetetexturbolinux_desktopturbolinux_multimediaturbolinux_serverturbolinux_appliance_servermandrake_linux_corporate_servern/a
CVE-2005-2377
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 73.43%
||
7 Day CHG~0.00%
Published-26 Jul, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE.

Action-Not Available
Vendor-n/aMandriva (Mandrakesoft)
Product-mandrake_linuxmandrake_linux_corporate_servern/a
CVE-2005-0398
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-4.06% / 88.83%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.

Action-Not Available
Vendor-altlinuxipsec-toolskamen/aRed Hat, Inc.Silicon Graphics, Inc.SUSE
Product-alt_linuxipsec-toolssuse_linuxracoonpropackenterprise_linux_desktopenterprise_linuxn/a
CVE-2005-1043
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.11% / 78.61%
||
7 Day CHG~0.00%
Published-12 Apr, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

Action-Not Available
Vendor-conectivapeachtreen/aApple Inc.Silicon Graphics, Inc.The PHP GroupSUSE
Product-mac_os_xlinuxphpsuse_linuxpropackpeachtree_linuxmac_os_x_servern/a
CVE-2018-12122
Matching Score-8
Assigner-Node.js
ShareView Details
Matching Score-8
Assigner-Node.js
CVSS Score-7.5||HIGH
EPSS-2.34% / 85.27%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 17:00
Updated-13 Dec, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.

Action-Not Available
Vendor-Node.js (OpenJS Foundation)SUSE
Product-node.jssuse_openstack_cloudsuse_enterprise_storagesuse_linux_enterprise_serverNode.js
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2004-2002
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 73.43%
||
7 Day CHG~0.00%
Published-10 May, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2004-2392
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.96% / 76.94%
||
7 Day CHG~0.00%
Published-17 Aug, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.

Action-Not Available
Vendor-n/aMandriva (Mandrakesoft)
Product-mandrake_linuxmandrake_linux_corporate_servern/a
CVE-2004-0983
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.12% / 78.69%
||
7 Day CHG~0.00%
Published-19 Nov, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.

Action-Not Available
Vendor-yukihiro_matsumoton/aUbuntuMandriva (Mandrakesoft)Gentoo Foundation, Inc.
Product-linuxubuntu_linuxmandrake_linuxrubymandrake_linux_corporate_servern/a
CVE-2004-1139
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-6.15% / 91.05%
||
7 Day CHG~0.00%
Published-31 Dec, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

Action-Not Available
Vendor-altlinuxconectivaethereal_groupn/aDebian GNU/LinuxSilicon Graphics, Inc.Red Hat, Inc.SUSE
Product-alt_linuxdebian_linuxlinuxlinux_advanced_workstationetherealsuse_linuxpropackenterprise_linux_desktopenterprise_linuxn/a
CVE-2004-1090
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.06% / 78.12%
||
7 Day CHG~0.00%
Published-22 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

Action-Not Available
Vendor-turbolinuxn/aDebian GNU/LinuxMidnight CommanderGentoo Foundation, Inc.Red Hat, Inc.SUSE
Product-debian_linuxlinuxlinux_advanced_workstationturbolinux_workstationsuse_linuxmidnight_commanderturbolinux_serverenterprise_linuxn/a
CVE-2004-1009
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.29% / 80.12%
||
7 Day CHG~0.00%
Published-22 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

Action-Not Available
Vendor-turbolinuxn/aDebian GNU/LinuxMidnight CommanderGentoo Foundation, Inc.Red Hat, Inc.SUSE
Product-debian_linuxlinuxlinux_advanced_workstationturbolinux_workstationsuse_linuxmidnight_commanderturbolinux_serverenterprise_linuxn/a
CVE-2004-1014
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.46% / 85.61%
||
7 Day CHG~0.00%
Published-08 Dec, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.

Action-Not Available
Vendor-nfsn/aDebian GNU/LinuxRed Hat, Inc.Mandriva (Mandrakesoft)
Product-debian_linuxmandrake_linuxenterprise_linux_desktopnfs-utilsenterprise_linuxmandrake_linux_corporate_servern/a
CVE-2004-0809
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-14.02% / 94.52%
||
7 Day CHG~0.00%
Published-17 Sep, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.

Action-Not Available
Vendor-trustixturbolinuxn/aThe Apache Software FoundationHP Inc.Debian GNU/LinuxMandriva (Mandrakesoft)Gentoo Foundation, Inc.Red Hat, Inc.
Product-debian_linuxlinuxmandrake_linuxsecure_web_server_for_tru64http_serverenterprise_linux_desktophp-uxsecure_linuxturbolinux_desktopturbolinux_serverturbolinux_homeenterprise_linuxn/a
CVE-2004-0592
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 73.43%
||
7 Day CHG~0.00%
Published-23 Jan, 2006 | 20:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2004-0633
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-36.54% / 97.24%
||
7 Day CHG~0.00%
Published-08 Jul, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

Action-Not Available
Vendor-ethereal_groupn/aRed Hat, Inc.Mandriva (Mandrakesoft)Gentoo Foundation, Inc.
Product-linuxlinux_advanced_workstationetherealmandrake_linuxenterprise_linuxn/a
CVE-2004-0232
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.03% / 77.83%
||
7 Day CHG~0.00%
Published-05 May, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

Action-Not Available
Vendor-n/aMidnight CommanderSlackwareGentoo Foundation, Inc.Silicon Graphics, Inc.
Product-midnight_commanderlinuxpropackslackware_linuxn/a
CVE-2003-0573
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.48% / 65.67%
||
7 Day CHG~0.00%
Published-18 Aug, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2003-0572
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.54% / 68.25%
||
7 Day CHG~0.00%
Published-18 Aug, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption).

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2003-0991
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.58% / 82.07%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.

Action-Not Available
Vendor-n/aGNUSilicon Graphics, Inc.
Product-mailmanpropackn/a
CVE-2003-0797
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.91% / 76.38%
||
7 Day CHG~0.00%
Published-10 Mar, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause a denial of service (process death) via unknown attack vectors.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2003-0576
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 71.55%
||
7 Day CHG~0.00%
Published-15 Aug, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, a different vulnerability than CVE-2003-0619.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2003-0176
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 71.55%
||
7 Day CHG~0.00%
Published-18 Aug, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2002-20001
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-18.72% / 95.45%
||
7 Day CHG+4.04%
Published-11 Nov, 2021 | 00:00
Updated-22 Aug, 2025 | 10:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Action-Not Available
Vendor-balasysstormshieldn/aHewlett Packard Enterprise (HPE)SUSEF5, Inc.Siemens AG
Product-aruba_cx_8400big-ip_ddos_hybrid_defenderbig-iq_centralized_managementbig-ip_webacceleratoraruba_cx_4100ibig-ip_application_visibility_and_reportingaruba_cx_6300mbig-ip_access_policy_managerf5os-aaruba_cx_6200faruba_cx_6410big-ip_global_traffic_managerbig-ip_local_traffic_managerarubaos-cxaruba_cx_8360-12cbig-ip_domain_name_systembig-ip_carrier-grade_nataruba_cx_6200mbig-ip_application_acceleration_managerscalance_w1750d_firmwarearuba_cx_8360-32y4caruba_cx_8325-48y8cbig-ip_websafearuba_cx_8360-16y2cstormshield_management_centeraruba_cx_8325-32caruba_cx_6405dheateraruba_cx_6300fbig-ip_ssl_orchestratoraruba_cx_8360-48y6cbig-ip_analyticsbig-ip_fraud_protection_servicebig-ip_service_proxyscalance_w1750dbig-ip_advanced_web_application_firewallaruba_cx_6100linux_enterprise_serverbig-ip_advanced_firewall_managerbig-ip_application_security_managerbig-ip_edge_gatewayaruba_cx_8360-24xf2caruba_cx_8320traffix_signaling_delivery_controllerbig-ip_policy_enforcement_managerf5os-caruba_cx_8360-48xt4cstormshield_network_securitybig-ip_link_controllern/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2002-0039
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 71.55%
||
7 Day CHG~0.00%
Published-30 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2001-0796
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.76% / 73.93%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.

Action-Not Available
Vendor-n/aFreeBSD FoundationSilicon Graphics, Inc.
Product-freebsdirixn/a
CVE-2005-0384
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-5||MEDIUM
EPSS-12.77% / 94.19%
||
7 Day CHG~0.00%
Published-18 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.

Action-Not Available
Vendor-trustixn/aUbuntuRed Hat, Inc.SUSE
Product-secure_linuxsuse_linuxubuntu_linuxenterprise_linuxn/a
CVE-2005-1267
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-11.27% / 93.71%
||
7 Day CHG~0.00%
Published-20 Jun, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.

Action-Not Available
Vendor-lbltrustixn/aRed Hat, Inc.Mandriva (Mandrakesoft)Gentoo Foundation, Inc.
Product-linuxmandrake_linuxfedora_coresecure_linuxtcpdumpn/a
CVE-2005-0761
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.07% / 78.27%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.ImageMagick Studio LLC
Product-imagemagickpropackn/a
CVE-2001-0136
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.26% / 79.86%
||
7 Day CHG~0.00%
Published-18 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.

Action-Not Available
Vendor-proftpdconectivan/aMandriva (Mandrakesoft)Debian GNU/Linux
Product-debian_linuxmandrake_linuxlinuxproftpdn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2000-0668
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-6.51% / 91.35%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.

Action-Not Available
Vendor-conectivamichael_k._johnsonn/aRed Hat, Inc.
Product-pam_consolelinuxn/a
CVE-2000-0939
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.70% / 72.60%
||
7 Day CHG~0.00%
Published-29 Nov, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart.

Action-Not Available
Vendor-n/aSamba
Product-samban/a
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found