Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2005-2177

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-10 Jul, 2005 | 04:00
Updated At-07 Aug, 2024 | 22:15
Rejected At-
Credits

Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:10 Jul, 2005 | 04:00
Updated At:07 Aug, 2024 | 22:15
Rejected At:
â–¼CVE Numbering Authority (CNA)

Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2006/4502
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/17282
third-party-advisory
x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-190-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/22875
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/25373
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986
vdb-entry
signature
x_refsource_OVAL
http://www.securityfocus.com/bid/21256
vdb-entry
x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
vendor-advisory
x_refsource_SUNALERT
http://www.vmware.com/download/esx/esx-202-200610-patch.html
x_refsource_CONFIRM
http://secunia.com/advisories/16999
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_12_sr.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/archive/1/451426/100/200/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.trustix.org/errata/2005/0034/
vendor-advisory
x_refsource_TRUSTIX
http://www.debian.org/security/2005/dsa-873
vendor-advisory
x_refsource_DEBIAN
http://www.vmware.com/download/esx/esx-213-200610-patch.html
x_refsource_CONFIRM
http://secunia.com/advisories/15930
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/23058
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/4677
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/18635
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1017273
vdb-entry
x_refsource_SECTRACK
http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
x_refsource_CONFIRM
http://www.vmware.com/download/esx/esx-254-200610-patch.html
x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
vendor-advisory
x_refsource_MANDRIVA
http://www.novell.com/linux/security/advisories/2005_24_sr.html
vendor-advisory
x_refsource_SUSE
http://www.vupen.com/english/advisories/2007/1883
vdb-entry
x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-395.html
vendor-advisory
x_refsource_REDHAT
http://www.novell.com/linux/security/advisories/2007_13_sr.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/17217
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-373.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/17135
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/451404/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/17007
third-party-advisory
x_refsource_SECUNIA
http://www.net-snmp.org/about/ChangeLog.html
x_refsource_MISC
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
mailing-list
x_refsource_MLIST
http://www.securityfocus.com/archive/1/451417/100/200/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/25787
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/17343
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/14168
vdb-entry
x_refsource_BID
http://www.securityfocus.com/archive/1/451419/100/200/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/25432
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-720.html
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2006/4502
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/17282
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.ubuntu.com/usn/usn-190-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/22875
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/25373
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.securityfocus.com/bid/21256
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.vmware.com/download/esx/esx-202-200610-patch.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/16999
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2007_12_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/archive/1/451426/100/200/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.trustix.org/errata/2005/0034/
Resource:
vendor-advisory
x_refsource_TRUSTIX
Hyperlink: http://www.debian.org/security/2005/dsa-873
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.vmware.com/download/esx/esx-213-200610-patch.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/15930
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/23058
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/4677
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/18635
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1017273
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vmware.com/download/esx/esx-254-200610-patch.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.novell.com/linux/security/advisories/2005_24_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.vupen.com/english/advisories/2007/1883
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-395.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.novell.com/linux/security/advisories/2007_13_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/17217
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-373.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/17135
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/451404/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/17007
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.net-snmp.org/about/ChangeLog.html
Resource:
x_refsource_MISC
Hyperlink: http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.securityfocus.com/archive/1/451417/100/200/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/25787
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/17343
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/14168
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securityfocus.com/archive/1/451419/100/200/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/25432
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-720.html
Resource:
vendor-advisory
x_refsource_REDHAT
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2006/4502
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/17282
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.ubuntu.com/usn/usn-190-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/22875
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/25373
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.securityfocus.com/bid/21256
vdb-entry
x_refsource_BID
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.vmware.com/download/esx/esx-202-200610-patch.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/16999
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2007_12_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/archive/1/451426/100/200/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.trustix.org/errata/2005/0034/
vendor-advisory
x_refsource_TRUSTIX
x_transferred
http://www.debian.org/security/2005/dsa-873
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.vmware.com/download/esx/esx-213-200610-patch.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/15930
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/23058
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/4677
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/18635
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1017273
vdb-entry
x_refsource_SECTRACK
x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
x_refsource_CONFIRM
x_transferred
http://www.vmware.com/download/esx/esx-254-200610-patch.html
x_refsource_CONFIRM
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.novell.com/linux/security/advisories/2005_24_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.vupen.com/english/advisories/2007/1883
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-395.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.novell.com/linux/security/advisories/2007_13_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/17217
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-373.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/17135
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/451404/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/17007
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.net-snmp.org/about/ChangeLog.html
x_refsource_MISC
x_transferred
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
mailing-list
x_refsource_MLIST
x_transferred
http://www.securityfocus.com/archive/1/451417/100/200/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/25787
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/17343
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/14168
vdb-entry
x_refsource_BID
x_transferred
http://www.securityfocus.com/archive/1/451419/100/200/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/25432
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-720.html
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/4502
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/17282
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-190-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/22875
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/25373
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.securityfocus.com/bid/21256
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.vmware.com/download/esx/esx-202-200610-patch.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/16999
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_12_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/451426/100/200/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.trustix.org/errata/2005/0034/
Resource:
vendor-advisory
x_refsource_TRUSTIX
x_transferred
Hyperlink: http://www.debian.org/security/2005/dsa-873
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.vmware.com/download/esx/esx-213-200610-patch.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/15930
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/23058
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/4677
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/18635
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1017273
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vmware.com/download/esx/esx-254-200610-patch.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2005_24_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/1883
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-395.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_13_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/17217
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-373.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/17135
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/451404/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/17007
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.net-snmp.org/about/ChangeLog.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/451417/100/200/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/25787
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/17343
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/14168
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/451419/100/200/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/25432
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-720.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:11 Jul, 2005 | 04:00
Updated At:03 Apr, 2025 | 01:03

Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Net-SNMP
net-snmp
>>net-snmp>>5.0
cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.1
cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.2
cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.3
cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.4_pre2
cpe:2.3:a:net-snmp:net-snmp:5.0.4_pre2:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.5
cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.6
cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.7
cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.8
cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.9
cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.0.10
cpe:2.3:a:net-snmp:net-snmp:5.0.10:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.1.3
cpe:2.3:a:net-snmp:net-snmp:5.1.3:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.2
cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*
Net-SNMP
net-snmp
>>net-snmp>>5.2.1
cpe:2.3:a:net-snmp:net-snmp:5.2.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://secunia.com/advisories/15930cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/16999cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/17007cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/17135cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/17217cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/17282cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/17343cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/18635cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/22875cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/23058cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/25373cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/25432cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/25787cve@mitre.org
Vendor Advisory
http://securitytracker.com/id?1017273cve@mitre.org
N/A
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455cve@mitre.org
Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1cve@mitre.org
N/A
http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdfcve@mitre.org
N/A
http://www.debian.org/security/2005/dsa-873cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:025cve@mitre.org
N/A
http://www.net-snmp.org/about/ChangeLog.htmlcve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2005_24_sr.htmlcve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2007_12_sr.htmlcve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2007_13_sr.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2005-373.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2005-395.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2005-720.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/451404/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/451417/100/200/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/451419/100/200/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/451426/100/200/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/14168cve@mitre.org
N/A
http://www.securityfocus.com/bid/21256cve@mitre.org
N/A
http://www.trustix.org/errata/2005/0034/cve@mitre.org
Patch
Vendor Advisory
http://www.ubuntu.com/usn/usn-190-1cve@mitre.org
N/A
http://www.vmware.com/download/esx/esx-202-200610-patch.htmlcve@mitre.org
N/A
http://www.vmware.com/download/esx/esx-213-200610-patch.htmlcve@mitre.org
N/A
http://www.vmware.com/download/esx/esx-254-200610-patch.htmlcve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/4502cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4677cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2007/1883cve@mitre.org
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986cve@mitre.org
N/A
http://secunia.com/advisories/15930af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/16999af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/17007af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/17135af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/17217af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/17282af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/17343af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/18635af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/22875af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/23058af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/25373af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/25432af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/25787af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securitytracker.com/id?1017273af854a3a-2127-422b-91ae-364da2661108
N/A
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455af854a3a-2127-422b-91ae-364da2661108
Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdfaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2005/dsa-873af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:025af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.net-snmp.org/about/ChangeLog.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2005_24_sr.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2007_12_sr.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2007_13_sr.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2005-373.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2005-395.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2005-720.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/451404/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/451417/100/200/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/451419/100/200/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/451426/100/200/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/14168af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/21256af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.trustix.org/errata/2005/0034/af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.ubuntu.com/usn/usn-190-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vmware.com/download/esx/esx-202-200610-patch.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vmware.com/download/esx/esx-213-200610-patch.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vmware.com/download/esx/esx-254-200610-patch.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/4502af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4677af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2007/1883af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://secunia.com/advisories/15930
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/16999
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17007
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17135
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17217
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17282
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17343
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18635
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22875
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/23058
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25373
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25432
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25787
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://securitytracker.com/id?1017273
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-873
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.net-snmp.org/about/ChangeLog.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2005_24_sr.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_12_sr.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_13_sr.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-373.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-395.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-720.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/451404/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/451417/100/200/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/451419/100/200/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/451426/100/200/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/14168
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/21256
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.trustix.org/errata/2005/0034/
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-190-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vmware.com/download/esx/esx-202-200610-patch.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vmware.com/download/esx/esx-213-200610-patch.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vmware.com/download/esx/esx-254-200610-patch.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/4502
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2006/4677
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/1883
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/15930
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/16999
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17007
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17135
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17217
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17282
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17343
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18635
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22875
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/23058
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25373
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25432
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25787
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://securitytracker.com/id?1017273
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2005-225.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-873
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.net-snmp.org/about/ChangeLog.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2005_24_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_12_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_13_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-373.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-395.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-720.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/451404/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/451417/100/200/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/451419/100/200/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/451426/100/200/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/14168
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/21256
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.trustix.org/errata/2005/0034/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-190-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vmware.com/download/esx/esx-202-200610-patch.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vmware.com/download/esx/esx-213-200610-patch.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vmware.com/download/esx/esx-254-200610-patch.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/4502
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2006/4677
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/1883
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1099Records found
CVE-2008-4309
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-11.14% / 93.31%
||
7 Day CHG~0.00%
Published-31 Oct, 2008 | 20:00
Updated-07 Aug, 2024 | 10:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.

Action-Not Available
Vendor-n/aNet-SNMP
Product-net-snmpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2284
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.14% / 88.40%
||
7 Day CHG~0.00%
Published-24 Mar, 2014 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.

Action-Not Available
Vendor-n/aNet-SNMP
Product-net-snmpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2310
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.15% / 78.12%
||
7 Day CHG~0.00%
Published-17 Apr, 2014 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-6151.

Action-Not Available
Vendor-n/aNet-SNMP
Product-net-snmpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-18066
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.59% / 68.66%
||
7 Day CHG~0.00%
Published-08 Oct, 2018 | 18:00
Updated-06 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Action-Not Available
Vendor-n/aNet-SNMPNetApp, Inc.
Product-data_ontape-series_santricity_os_controllercloud_backupnet-snmpstoragegrid_webscalehyper_converged_infrastructuresolidfire_element_osn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2014-3565
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-8.76% / 92.31%
||
7 Day CHG~0.00%
Published-07 Oct, 2014 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.

Action-Not Available
Vendor-n/aApple Inc.Net-SNMPCanonical Ltd.
Product-mac_os_xubuntu_linuxnet-snmpn/a
CVE-2002-1170
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.27% / 79.18%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference.

Action-Not Available
Vendor-n/aNet-SNMP
Product-net-snmpn/a
CVE-2009-1887
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.70% / 71.60%
||
7 Day CHG~0.00%
Published-26 Jun, 2009 | 18:00
Updated-07 Aug, 2024 | 05:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309.

Action-Not Available
Vendor-n/aRed Hat, Inc.Net-SNMP
Product-net-snmpenterprise_linuxn/a
CWE ID-CWE-369
Divide By Zero
CVE-2014-2285
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-3.12% / 86.51%
||
7 Day CHG~0.00%
Published-27 Apr, 2014 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.

Action-Not Available
Vendor-n/aNet-SNMP
Product-net-snmpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-24806
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 33.38%
||
7 Day CHG~0.00%
Published-16 Apr, 2024 | 19:44
Updated-17 Jan, 2025 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
net-snmp vulnerable to Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.

Action-Not Available
Vendor-Red Hat, Inc.Debian GNU/LinuxNet-SNMPFedora Project
Product-enterprise_linux_for_ibm_z_systems_eusfedoranet-snmpenterprise_linux_for_arm_64enterprise_linux_for_power_little_endianenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_server_update_services_for_sap_solutionsenterprise_linux_for_ibm_z_systemsdebian_linuxenterprise_linux_for_arm_64_eusenterprise_linux_server_ausenterprise_linux_update_services_for_sap_solutionsenterprise_linux_for_power_little_endian_eusenterprise_linuxenterprise_linux_eusnet-snmp
CWE ID-CWE-20
Improper Input Validation
CVE-2009-0289
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.73% / 72.29%
||
7 Day CHG~0.00%
Published-27 Jan, 2009 | 19:00
Updated-07 Aug, 2024 | 04:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to cause a denial of service (service crash) via a long filename in a crafted request.

Action-Not Available
Vendor-windows_tftp_utilityn/a
Product-tftputiln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-4142
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-3.01% / 86.28%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 06:00
Updated-05 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted string.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchostvosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-0478
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-76.17% / 98.89%
||
7 Day CHG~0.00%
Published-08 Feb, 2009 | 22:00
Updated-07 Aug, 2024 | 04:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.

Action-Not Available
Vendor-squidn/a
Product-squidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-0173
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.96% / 83.18%
||
7 Day CHG~0.00%
Published-16 Jan, 2009 | 21:00
Updated-07 Aug, 2024 | 04:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2_universal_databasen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-0267
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.66% / 81.72%
||
7 Day CHG~0.00%
Published-26 Jan, 2009 | 15:05
Updated-07 Aug, 2024 | 04:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-opensolarissolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-6791
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.28% / 84.35%
||
7 Day CHG~0.00%
Published-04 May, 2009 | 18:22
Updated-07 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PumpKIN TFTP Server 2.7.2.0 allows remote attackers to cause a denial of service via a write request with a long mode field.

Action-Not Available
Vendor-klevern/a
Product-pumpkinn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-0016
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.44% / 80.37%
||
7 Day CHG~0.00%
Published-14 Mar, 2009 | 18:00
Updated-07 Aug, 2024 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.

Action-Not Available
Vendor-n/aApple Inc.Microsoft Corporation
Product-ituneswindowsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-0099
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5||MEDIUM
EPSS-71.06% / 98.67%
||
7 Day CHG~0.00%
Published-10 Feb, 2009 | 22:13
Updated-07 Aug, 2024 | 04:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage) via a malformed MAPI command, aka "Literal Processing Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-exchange_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-3948
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-3.36% / 87.04%
||
7 Day CHG~0.00%
Published-30 Nov, 2018 | 17:00
Updated-17 Sep, 2024 | 04:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticated or authenticated web request to trigger this vulnerability.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-r600vpn_firmwaretl-r600vpnTP-Link
CWE ID-CWE-20
Improper Input Validation
CVE-2008-7112
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.54% / 67.19%
||
7 Day CHG~0.00%
Published-28 Aug, 2009 | 15:00
Updated-07 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to cause a denial of service (hang or crash) via invalid field length values in a malformed (1) document or (2) request.

Action-Not Available
Vendor-kyoceramitan/a
Product-scanner_file_utilityn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-1640
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.45% / 63.05%
||
7 Day CHG~0.00%
Published-17 Jul, 2020 | 18:40
Updated-16 Sep, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: Receipt of certain genuine BGP packets from any BGP Speaker causes RPD to crash.

An improper use of a validation framework when processing incoming genuine BGP packets within Juniper Networks RPD (routing protocols process) daemon allows an attacker to crash RPD thereby causing a Denial of Service (DoS) condition. This framework requires these packets to be passed. By continuously sending any of these types of formatted genuine packets, an attacker can repeatedly crash the RPD process causing a sustained Denial of Service. Authentication to the BGP peer is not required. This issue can be initiated or propagated through eBGP and iBGP and can impact devices in either modes of use as long as the devices are configured to support the compromised framework and a BGP path is activated or active. This issue affects: Juniper Networks Junos OS 16.1 versions 16.1R7-S6 and later versions prior to 16.1R7-S8; 17.3 versions 17.3R2-S5, 17.3R3-S6 and later versions prior to 17.3R3-S8; 17.4 versions 17.4R2-S7, 17.4R3 and later versions prior to 17.4R2-S11, 17.4R3-S2; 18.1 versions 18.1R3-S7 and later versions prior to 18.1R3-S10; 18.2 versions 18.2R2-S6, 18.2R3-S2 and later versions prior to 18.2R2-S7, 18.2R3-S5; 18.2X75 versions 18.2X75-D12, 18.2X75-D32, 18.2X75-D33, 18.2X75-D51, 18.2X75-D60, 18.2X75-D411, 18.2X75-D420 and later versions prior to 18.2X75-D32, 18.2X75-D33, 18.2X75-D420, 18.2X75-D52, 18.2X75-D60, 18.2X75-D65, 18.2X75-D70;(*1) 18.3 versions 18.3R1-S6, 18.3R2-S3, 18.3R3 and later versions prior to 18.3R2-S4, 18.3R3-S2; 18.4 versions 18.4R1-S5, 18.4R2-S4, 18.4R3 and later versions prior to 18.4R1-S7, 18.4R2-S5, 18.4R3-S3(*2); 19.1 versions 19.1R1-S3, 19.1R2 and later versions prior to 19.1R1-S5, 19.1R2-S2, 19.1R3-S2; 19.2 versions 19.2R1-S2, 19.2R2 and later versions prior to 19.2R1-S5, 19.2R2, 19.2R3; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S2, 19.4R2, 19.4R3; 20.1 versions prior to 20.1R1-S1, 20.1R2. This issue does not affect Junos OS prior to 16.1R1. This issue affects IPv4 and IPv6 traffic.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-1173
Improper Use of Validation Framework
CWE ID-CWE-20
Improper Input Validation
CVE-2018-4850
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.87%
||
7 Day CHG~0.00%
Published-16 May, 2018 | 17:00
Updated-16 Sep, 2024 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions < V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-400hsimatic_s7-400h_firmwaresimatic_s7-400simatic_s7-400_firmwareSIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below, SIMATIC S7-400 (incl. F) CPU hardware version 5.0, SIMATIC S7-400H CPU hardware version 4.5 and below
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17258
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.29%
||
7 Day CHG~0.00%
Published-24 Apr, 2018 | 15:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a resource management vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products in the case of failure to apply for memory. Due to insufficient validation of packets, which could be exploited to cause process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwareusg9560_firmwareviewpoint_9030ips_modulear3200_firmwarear2200te60viewpoint_8660_firmwaresrg3300nip6300_firmwarete30netengine16exar120-s_firmwareusg9560svn5800-c_firmwarengfw_moduledp300ar200-sar120-sar510usg9520ar150-ssemg9811_firmwarete60_firmwaresrg2300secospace_usg6500_firmwaresvn5800ar150_firmwareips_module_firmwaresecospace_usg6600_firmwarear3600ar3200semg9811usg6000vdp300_firmwarear200-s_firmwaretp3106_firmwaresvn5600ar160_firmwareusg6000v_firmwarevp9660_firmwareusg9520_firmwareusg9580netengine16ex_firmwaresecospace_usg6600viewpoint_9030_firmwarear1200te30_firmwarevp9660srg1300srg1300_firmwaresecospace_usg6300srg3300_firmwaresrg2300_firmwarete40ar1200-s_firmwareusg9500te50rse6500nip6600usg9580_firmwarenip6800_firmwaretp3106ar160nip6300secospace_usg6500usg9500_firmwaresvn5800_firmwarear2200-stp3206tp3206_firmwaresvn5600_firmwarear510_firmwarear150-s_firmwarear1200-sar150ngfw_module_firmwarear1200_firmwarear200ar3600_firmwarear2200-s_firmwarenip6800te40_firmwarerse6500_firmwareviewpoint_8660ar200_firmwarenip6600_firmwaresvn5800-cte50_firmwaresecospace_usg6300_firmwareAR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030
CWE ID-CWE-20
Improper Input Validation
CVE-2009-0172
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.72% / 90.23%
||
7 Day CHG~0.00%
Published-16 Jan, 2009 | 21:00
Updated-07 Aug, 2024 | 04:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2_universal_databasen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-0033
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-13.83% / 94.13%
||
7 Day CHG~0.00%
Published-05 Jun, 2009 | 15:25
Updated-07 Aug, 2024 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-tomcatn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-7280
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.59% / 68.62%
||
7 Day CHG~0.00%
Published-18 Mar, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket Request System (OTRS) before 2.2.7 does not properly handle e-mail messages containing malformed UTF-8 characters, which allows remote attackers to cause a denial of service (e-mail retrieval outage) via a crafted message.

Action-Not Available
Vendor-n/aOTRS AG
Product-otrsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-15206
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9||CRITICAL
EPSS-0.47% / 64.13%
||
7 Day CHG~0.00%
Published-25 Sep, 2020 | 18:45
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using `tensorflow-serving` or other inference-as-a-service installments. Fixed were added in commits f760f88b4267d981e13f4b302c437ae800445968 and fcfef195637c6e365577829c4d67681695956e7d (both going into TensorFlow 2.2.0 and 2.3.0 but not yet backported to earlier versions). However, this was not enough, as #41097 reports a different failure mode. The issue is patched in commit adf095206f25471e864a8e63a0f1caef53a0e3a6, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

Action-Not Available
Vendor-Google LLCopenSUSETensorFlow
Product-tensorflowleaptensorflow
CWE ID-CWE-20
Improper Input Validation
CVE-2008-6175
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.62% / 87.52%
||
7 Day CHG~0.00%
Published-19 Feb, 2009 | 16:00
Updated-07 Aug, 2024 | 11:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of service (application crash) via a crafted argument to the opendir SFTP command.

Action-Not Available
Vendor-k2sxsn/a
Product-silvershieldn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-32566
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-7.93% / 91.85%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 07:15
Updated-03 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Specific sequence of HTTP/2 frames can cause ATS to crash

Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-debian_linuxtraffic_serverApache Traffic Server
CWE ID-CWE-20
Improper Input Validation
CVE-2008-6702
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-9.01% / 92.44%
||
7 Day CHG~0.00%
Published-10 Apr, 2009 | 15:00
Updated-07 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (crash) via a long nickname, which triggers an exception.

Action-Not Available
Vendor-stalker-gamen/a
Product-s.t.a.l.k.e.r.\n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-5431
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.45% / 88.79%
||
7 Day CHG~0.00%
Published-11 Dec, 2008 | 15:00
Updated-07 Aug, 2024 | 10:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Teamtek Universal FTP Server 1.0.44 allows remote attackers to cause a denial of service via (1) a certain CWD command, (2) a long LIST command, or (3) a certain PORT command.

Action-Not Available
Vendor-5e5n/a
Product-teamtek_universal_ftp_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-5105
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.39% / 87.12%
||
7 Day CHG~0.00%
Published-17 Nov, 2008 | 18:00
Updated-07 Aug, 2024 | 10:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash or hang) via certain (1) APPE, (2) CWD, (3) DELE, (4) MKD, (5) RMD, (6) RETR, (7) RNFR, (8) RNTO, (9) SIZE, and (10) STOR commands.

Action-Not Available
Vendor-karjasoftn/a
Product-sami_ftp_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-20658
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-19.82% / 95.29%
||
7 Day CHG~0.00%
Published-02 Jan, 2019 | 15:00
Updated-16 Sep, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command.

Action-Not Available
Vendor-coreftpn/a
Product-core_ftpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-5715
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.50% / 92.17%
||
7 Day CHG+0.74%
Published-24 Dec, 2008 | 17:00
Updated-07 Aug, 2024 | 11:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to cause a denial of service (application crash) via JavaScript code with a long string value for the hash property (aka location.hash). NOTE: it was later reported that earlier versions are also affected, and that the impact is CPU consumption and application hang in unspecified circumstances perhaps involving other platforms.

Action-Not Available
Vendor-n/aMozilla CorporationMicrosoft Corporation
Product-firefoxwindows_vistan/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-5669
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 72.52%
||
7 Day CHG~0.00%
Published-18 Dec, 2008 | 21:00
Updated-07 Aug, 2024 | 11:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

index.php in the comments preview section in Textpattern (aka Txp CMS) 4.0.5 allows remote attackers to cause a denial of service via a long message parameter.

Action-Not Available
Vendor-textpatternn/a
Product-textpatternn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-2465
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.87%
||
7 Day CHG~0.00%
Published-11 Sep, 2018 | 15:00
Updated-05 Aug, 2024 | 04:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP HANA (versions 1.0 and 2.0) Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash.

Action-Not Available
Vendor-SAP SE
Product-hanaSAP HANA
CWE ID-CWE-20
Improper Input Validation
CVE-2021-32567
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-7.93% / 91.85%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 07:15
Updated-03 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reading HTTP/2 frames too many times

Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-debian_linuxtraffic_serverApache Traffic Server
CWE ID-CWE-20
Improper Input Validation
CVE-2018-21262
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.42%
||
7 Day CHG~0.00%
Published-19 Jun, 2020 | 16:51
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mattermost Server before 4.7.3. It allows attackers to cause a denial of service (application crash) via invalid LaTeX text.

Action-Not Available
Vendor-n/aMattermost, Inc.
Product-mattermost_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-20823
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.43% / 62.22%
||
7 Day CHG~0.00%
Published-25 Apr, 2019 | 13:47
Updated-05 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gyroscope on Xiaomi Mi 5s devices allows attackers to cause a denial of service (resonance and false data) via a 20.4 kHz audio signal, aka a MEMS ultrasound attack.

Action-Not Available
Vendor-n/aXiaomi
Product-mi_5s_firmwaremi_5sn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-31925
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.73%
||
7 Day CHG~0.00%
Published-07 Jul, 2021 | 14:01
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pexip Infinity 25.x before 25.4 has Improper Input Validation, and thus an unauthenticated remote attacker can cause a denial of service via the administrative web interface.

Action-Not Available
Vendor-pexipn/a
Product-pexip_infinityn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-21259
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.38% / 58.76%
||
7 Day CHG~0.00%
Published-19 Jun, 2020 | 16:47
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mattermost Server before 4.10.1, 4.9.4, and 4.8.2. It allows attackers to cause a denial of service (application hang) via a malformed link in a channel.

Action-Not Available
Vendor-n/aMattermost, Inc.
Product-mattermost_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-20743
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.13% / 91.35%
||
7 Day CHG~0.00%
Published-25 Jan, 2019 | 16:00
Updated-05 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple concurrent requests that are persisted in the database, which allows remote attackers to cause a denial of service (daemon hang or crash) via a message flood.

Action-Not Available
Vendor-mumblen/aDebian GNU/Linux
Product-mumbledebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2326
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-6.66% / 91.01%
||
7 Day CHG~0.00%
Published-10 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour for Windows before 1.0.5 allows attackers to cause a denial of service (NULL pointer dereference and application crash) by resolving a crafted .local domain name that contains a long label.

Action-Not Available
Vendor-n/aApple Inc.Microsoft Corporation
Product-bonjourwindows_vistawindows_2003_serverwindows_xpwindows-ntwindows_2000n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-19591
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.46% / 80.50%
||
7 Day CHG~0.00%
Published-04 Dec, 2018 | 16:00
Updated-03 Dec, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.

Action-Not Available
Vendor-n/aFedora ProjectGNU
Product-glibcfedoran/a
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-20
Improper Input Validation
CVE-2018-19642
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-5.1||MEDIUM
EPSS-0.17% / 37.54%
||
7 Day CHG~0.00%
Published-27 Mar, 2019 | 16:55
Updated-17 Sep, 2024 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5

Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

Action-Not Available
Vendor-Micro Focus International Limited
Product-solutions_business_managerSolutions Business Manager (SBM)
CWE ID-CWE-20
Improper Input Validation
CVE-2018-20013
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.95%
||
7 Day CHG~0.00%
Published-18 Jun, 2019 | 12:32
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadata_id!=0 assertion, leading to shutting down the client application.

Action-Not Available
Vendor-urbackupn/a
Product-urbackupn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-3790
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-28.84% / 96.44%
||
7 Day CHG~0.00%
Published-27 Aug, 2008 | 20:00
Updated-07 Aug, 2024 | 09:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion."

Action-Not Available
Vendor-n/aRuby
Product-rubyn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-3796
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.89% / 75.06%
||
7 Day CHG~0.00%
Published-27 Aug, 2008 | 15:00
Updated-07 Aug, 2024 | 09:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Swfdec 0.6 before 0.6.8 allows remote attackers to cause a denial of service (application crash) via a 1x1 JPEG image.

Action-Not Available
Vendor-swfdecn/a
Product-swfdecn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-3697
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.15% / 86.59%
||
7 Day CHG~0.00%
Published-03 Sep, 2008 | 14:00
Updated-07 Aug, 2024 | 09:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-vmware_serverservern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-4425
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.01% / 76.68%
||
7 Day CHG~0.00%
Published-17 May, 2016 | 14:00
Updated-04 Dec, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.

Action-Not Available
Vendor-jansson_projectn/a
Product-janssonn/a
CWE ID-CWE-674
Uncontrolled Recursion
CWE ID-CWE-20
Improper Input Validation
CVE-2008-4400
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.55% / 85.18%
||
7 Day CHG~0.00%
Published-14 Oct, 2008 | 20:00
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-arcserve_backupserver_protection_suitebusiness_protection_suiten/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 21
  • 22
  • Next
Details not found