Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-4095

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-06 Sep, 2006 | 00:00
Updated At-07 Aug, 2024 | 18:57
Rejected At-
Credits

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:06 Sep, 2006 | 00:00
Updated At:07 Aug, 2024 | 18:57
Rejected At:
▼CVE Numbering Authority (CNA)

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://docs.info.apple.com/article.html?artnum=305530
x_refsource_CONFIRM
http://secunia.com/advisories/21835
third-party-advisory
x_refsource_SECUNIA
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
vendor-advisory
x_refsource_OPENPKG
http://www.vupen.com/english/advisories/2007/1939
vdb-entry
x_refsource_VUPEN
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
vendor-advisory
x_refsource_FREEBSD
http://www.securityfocus.com/archive/1/445600/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
vdb-entry
x_refsource_XF
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
x_refsource_MISC
http://www.novell.com/linux/security/advisories/2006_24_sr.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/21786
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2006_23_sr.html
vendor-advisory
x_refsource_SUSE
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/25402
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
vendor-advisory
x_refsource_MANDRIVA
https://issues.rpath.com/browse/RPL-626
x_refsource_CONFIRM
http://secunia.com/advisories/21818
third-party-advisory
x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-343-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/21838
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/22298
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/19859
vdb-entry
x_refsource_BID
http://secunia.com/advisories/21816
third-party-advisory
x_refsource_SECUNIA
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
http://secunia.com/advisories/21912
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21926
third-party-advisory
x_refsource_SECUNIA
http://www.openbsd.org/errata.html
vendor-advisory
x_refsource_OPENBSD
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
vendor-advisory
x_refsource_SLACKWARE
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
http://www.vupen.com/english/advisories/2006/3473
vdb-entry
x_refsource_VUPEN
http://www.us.debian.org/security/2006/dsa-1172
vendor-advisory
x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2007/1401
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/21828
third-party-advisory
x_refsource_SECUNIA
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
http://www.kb.cert.org/vuls/id/915404
third-party-advisory
x_refsource_CERT-VN
http://secunia.com/advisories/21752
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1016794
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/24950
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200609-11.xml
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://docs.info.apple.com/article.html?artnum=305530
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/21835
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
Resource:
vendor-advisory
x_refsource_OPENPKG
Hyperlink: http://www.vupen.com/english/advisories/2007/1939
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
Hyperlink: http://www.securityfocus.com/archive/1/445600/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
Resource:
x_refsource_MISC
Hyperlink: http://www.novell.com/linux/security/advisories/2006_24_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/21786
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/25402
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: https://issues.rpath.com/browse/RPL-626
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/21818
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.ubuntu.com/usn/usn-343-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/21838
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/22298
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/19859
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/21816
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/21912
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21926
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.openbsd.org/errata.html
Resource:
vendor-advisory
x_refsource_OPENBSD
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.vupen.com/english/advisories/2006/3473
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.us.debian.org/security/2006/dsa-1172
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.vupen.com/english/advisories/2007/1401
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/21828
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.kb.cert.org/vuls/id/915404
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://secunia.com/advisories/21752
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1016794
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/24950
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://docs.info.apple.com/article.html?artnum=305530
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/21835
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
vendor-advisory
x_refsource_OPENPKG
x_transferred
http://www.vupen.com/english/advisories/2007/1939
vdb-entry
x_refsource_VUPEN
x_transferred
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
vendor-advisory
x_refsource_FREEBSD
x_transferred
http://www.securityfocus.com/archive/1/445600/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
vdb-entry
x_refsource_XF
x_transferred
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
x_refsource_MISC
x_transferred
http://www.novell.com/linux/security/advisories/2006_24_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/21786
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2006_23_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/25402
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
vendor-advisory
x_refsource_MANDRIVA
x_transferred
https://issues.rpath.com/browse/RPL-626
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/21818
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.ubuntu.com/usn/usn-343-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/21838
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/22298
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/19859
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/21816
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
x_transferred
http://secunia.com/advisories/21912
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21926
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.openbsd.org/errata.html
vendor-advisory
x_refsource_OPENBSD
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
vendor-advisory
x_refsource_SLACKWARE
x_transferred
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
x_transferred
http://www.vupen.com/english/advisories/2006/3473
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.us.debian.org/security/2006/dsa-1172
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.vupen.com/english/advisories/2007/1401
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/21828
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
x_transferred
http://www.kb.cert.org/vuls/id/915404
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://secunia.com/advisories/21752
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1016794
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/24950
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-200609-11.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://docs.info.apple.com/article.html?artnum=305530
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/21835
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
Resource:
vendor-advisory
x_refsource_OPENPKG
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/1939
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/445600/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_24_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/21786
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/25402
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-626
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/21818
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-343-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/21838
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/22298
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/19859
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/21816
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/21912
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21926
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.openbsd.org/errata.html
Resource:
vendor-advisory
x_refsource_OPENBSD
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3473
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.us.debian.org/security/2006/dsa-1172
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/1401
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/21828
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/915404
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://secunia.com/advisories/21752
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1016794
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/24950
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:06 Sep, 2006 | 00:04
Updated At:03 Apr, 2025 | 01:03

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Internet Systems Consortium, Inc.
isc
>>bind>>Versions up to 9.2.6(inclusive)
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>bind>>Versions from 9.3.0(inclusive) to 9.3.2(inclusive)
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>5.04
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>5.10
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.06
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x>>Versions before 10.3.9(exclusive)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x>>Versions from 10.4.0(inclusive) to 10.4.9(exclusive)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x_server>>Versions before 10.3.9(exclusive)
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x_server>>Versions from 10.4.0(inclusive) to 10.4.9(exclusive)
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-617Primarynvd@nist.gov
CWE ID: CWE-617
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2006-09-06T00:00:00

Not Vulnerable. The version of BIND that ships with Red Hat Enterprise Linux is not vulnerable to this issue as it does not handle signed RR records.

References
HyperlinkSourceResource
http://docs.info.apple.com/article.html?artnum=305530cve@mitre.org
Broken Link
http://lists.apple.com/archives/security-announce/2007/May/msg00004.htmlcve@mitre.org
Mailing List
http://secunia.com/advisories/21752cve@mitre.org
Broken Link
http://secunia.com/advisories/21786cve@mitre.org
Broken Link
http://secunia.com/advisories/21816cve@mitre.org
Broken Link
http://secunia.com/advisories/21818cve@mitre.org
Broken Link
http://secunia.com/advisories/21828cve@mitre.org
Broken Link
http://secunia.com/advisories/21835cve@mitre.org
Broken Link
http://secunia.com/advisories/21838cve@mitre.org
Broken Link
http://secunia.com/advisories/21912cve@mitre.org
Broken Link
http://secunia.com/advisories/21926cve@mitre.org
Broken Link
http://secunia.com/advisories/22298cve@mitre.org
Broken Link
http://secunia.com/advisories/24950cve@mitre.org
Broken Link
http://secunia.com/advisories/25402cve@mitre.org
Broken Link
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asccve@mitre.org
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200609-11.xmlcve@mitre.org
Third Party Advisory
http://securitytracker.com/id?1016794cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241cve@mitre.org
Broken Link
http://www.kb.cert.org/vuls/id/915404cve@mitre.org
Patch
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163cve@mitre.org
Broken Link
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=encve@mitre.org
Broken Link
Patch
http://www.novell.com/linux/security/advisories/2006_23_sr.htmlcve@mitre.org
Broken Link
http://www.novell.com/linux/security/advisories/2006_24_sr.htmlcve@mitre.org
Broken Link
http://www.openbsd.org/errata.htmlcve@mitre.org
Release Notes
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.htmlcve@mitre.org
Broken Link
http://www.securityfocus.com/archive/1/445600/100/0/threadedcve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/19859cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-343-1cve@mitre.org
Third Party Advisory
http://www.us.debian.org/security/2006/dsa-1172cve@mitre.org
Broken Link
http://www.vupen.com/english/advisories/2006/3473cve@mitre.org
Broken Link
http://www.vupen.com/english/advisories/2007/1401cve@mitre.org
Broken Link
http://www.vupen.com/english/advisories/2007/1939cve@mitre.org
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/28745cve@mitre.org
Third Party Advisory
VDB Entry
https://issues.rpath.com/browse/RPL-626cve@mitre.org
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144cve@mitre.org
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144cve@mitre.org
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144cve@mitre.org
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144cve@mitre.org
Broken Link
http://docs.info.apple.com/article.html?artnum=305530af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://lists.apple.com/archives/security-announce/2007/May/msg00004.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
http://secunia.com/advisories/21752af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21786af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21816af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21818af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21828af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21835af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21838af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21912af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21926af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/22298af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/24950af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/25402af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.ascaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200609-11.xmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://securitytracker.com/id?1016794af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.kb.cert.org/vuls/id/915404af854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=enaf854a3a-2127-422b-91ae-364da2661108
Broken Link
Patch
http://www.novell.com/linux/security/advisories/2006_23_sr.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.novell.com/linux/security/advisories/2006_24_sr.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.openbsd.org/errata.htmlaf854a3a-2127-422b-91ae-364da2661108
Release Notes
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.securityfocus.com/archive/1/445600/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/19859af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-343-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.us.debian.org/security/2006/dsa-1172af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2006/3473af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2007/1401af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2007/1939af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/28745af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://issues.rpath.com/browse/RPL-626af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144af854a3a-2127-422b-91ae-364da2661108
Broken Link
Hyperlink: http://docs.info.apple.com/article.html?artnum=305530
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
Source: cve@mitre.org
Resource:
Mailing List
Hyperlink: http://secunia.com/advisories/21752
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21786
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21816
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21818
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21828
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21835
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21838
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21912
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21926
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/22298
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/24950
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/25402
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-11.xml
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://securitytracker.com/id?1016794
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.kb.cert.org/vuls/id/915404
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
Source: cve@mitre.org
Resource:
Broken Link
Patch
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.novell.com/linux/security/advisories/2006_24_sr.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.openbsd.org/errata.html
Source: cve@mitre.org
Resource:
Release Notes
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.securityfocus.com/archive/1/445600/100/0/threaded
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/19859
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/usn-343-1
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.us.debian.org/security/2006/dsa-1172
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2006/3473
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2007/1401
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2007/1939
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://issues.rpath.com/browse/RPL-626
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://docs.info.apple.com/article.html?artnum=305530
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://secunia.com/advisories/21752
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21786
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21816
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21818
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21828
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21835
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21838
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21912
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21926
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/22298
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/24950
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/25402
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-11.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://securitytracker.com/id?1016794
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.kb.cert.org/vuls/id/915404
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Patch
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.novell.com/linux/security/advisories/2006_24_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.openbsd.org/errata.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Release Notes
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.securityfocus.com/archive/1/445600/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/19859
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/usn-343-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.us.debian.org/security/2006/dsa-1172
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2006/3473
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2007/1401
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2007/1939
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://issues.rpath.com/browse/RPL-626
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link

Change History

0
Information is not available yet

Similar CVEs

1036Records found
CVE-2015-8921
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.66% / 87.41%
||
7 Day CHG~0.00%
Published-20 Sep, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

Action-Not Available
Vendor-n/aCanonical Ltd.libarchiveNovell
Product-libarchiveubuntu_linuxsuse_linux_enterprise_serversuse_linux_enterprise_desktopsuse_linux_enterprise_software_development_kitn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2015-8917
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.59% / 89.94%
||
7 Day CHG~0.00%
Published-20 Sep, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.libarchive
Product-debian_linuxubuntu_linuxlibarchiven/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-8919
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.37% / 90.62%
||
7 Day CHG~0.00%
Published-20 Sep, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.

Action-Not Available
Vendor-n/aCanonical Ltd.libarchiveNovell
Product-libarchiveubuntu_linuxsuse_linux_enterprise_serversuse_linux_enterprise_desktopsuse_linux_enterprise_software_development_kitn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8806
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-8.57% / 92.03%
||
7 Day CHG~0.00%
Published-13 Apr, 2016 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.

Action-Not Available
Vendor-n/alibxml2 (XMLSoft)Debian GNU/LinuxCanonical Ltd.
Product-libxml2debian_linuxubuntu_linuxn/a
CVE-2005-1106
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.06%
||
7 Day CHG~0.00%
Published-13 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers to cause a denial of service (application crash) via a GIF image with the maximum depth start value, possibly triggering an integer overflow.

Action-Not Available
Vendor-n/aApple Inc.
Product-quicktime_pictureviewern/a
CVE-2015-7995
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.04% / 86.13%
||
7 Day CHG~0.00%
Published-17 Nov, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.

Action-Not Available
Vendor-n/aApple Inc.libxml2 (XMLSoft)
Product-watchoslibxsltiphone_osmac_os_xtvosn/a
CVE-2015-8930
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.80% / 89.07%
||
7 Day CHG~0.00%
Published-20 Sep, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.

Action-Not Available
Vendor-n/aCanonical Ltd.libarchiveSUSE
Product-libarchiveubuntu_linuxlinux_enterprise_desktoplinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-3080
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.08% / 25.20%
||
7 Day CHG~0.00%
Published-21 Sep, 2022 | 10:15
Updated-17 Sep, 2024 | 01:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly

By sending specific queries to the resolver, an attacker can cause named to crash.

Action-Not Available
Vendor-Fedora ProjectInternet Systems Consortium, Inc.
Product-bindfedoraBIND9bindfedora
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2015-8899
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.41%
||
7 Day CHG+0.03%
Published-30 Jun, 2016 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.

Action-Not Available
Vendor-thekelleysn/aCanonical Ltd.
Product-dnsmasqubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7500
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-5.46% / 89.80%
||
7 Day CHG~0.00%
Published-15 Dec, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.

Action-Not Available
Vendor-n/aApple Inc.Canonical Ltd.HP Inc.libxml2 (XMLSoft)Debian GNU/LinuxRed Hat, Inc.
Product-icewall_file_managerenterprise_linux_serverlibxml2enterprise_linux_hpc_nodeicewall_federation_agentwatchosenterprise_linux_desktopubuntu_linuxenterprise_linux_workstationdebian_linuxiphone_osmac_os_xtvosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-5917
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-5||MEDIUM
EPSS-1.61% / 81.03%
||
7 Day CHG~0.00%
Published-09 Oct, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows remote attackers to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances of the {..,..,..}/* substring.

Action-Not Available
Vendor-n/aNetBSDApple Inc.
Product-tnftpdmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-7497
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-3.57% / 87.26%
||
7 Day CHG~0.00%
Published-15 Dec, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.

Action-Not Available
Vendor-n/aCanonical Ltd.HP Inc.libxml2 (XMLSoft)Debian GNU/LinuxRed Hat, Inc.
Product-icewall_file_managerenterprise_linux_serverlibxml2enterprise_linux_hpc_nodeicewall_federation_agentubuntu_linuxenterprise_linux_desktopenterprise_linux_workstationdebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-6908
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-5||MEDIUM
EPSS-73.04% / 98.73%
||
7 Day CHG~0.00%
Published-11 Sep, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.

Action-Not Available
Vendor-openldapn/aApple Inc.
Product-mac_os_xopenldapn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7236
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-7.5||HIGH
EPSS-8.21% / 91.86%
||
7 Day CHG~0.00%
Published-01 Oct, 2015 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.

Action-Not Available
Vendor-rpcbind_projectn/aDebian GNU/LinuxOracle CorporationCanonical Ltd.
Product-rpcbinddebian_linuxubuntu_linuxsolarisn/a
CVE-2015-6855
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-4.25% / 88.35%
||
7 Day CHG~0.00%
Published-06 Nov, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.

Action-Not Available
Vendor-n/aSUSEQEMUArista Networks, Inc.Fedora ProjectDebian GNU/LinuxCanonical Ltd.
Product-qemufedoraubuntu_linuxlinux_enterprise_desktopeosdebian_linuxlinux_enterprise_servern/a
CWE ID-CWE-369
Divide By Zero
CVE-2015-7760
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.73% / 71.84%
||
7 Day CHG~0.00%
Published-09 Oct, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libxpc in launchd in Apple OS X before 10.11 does not restrict the creation of processes for network connections, which allows remote attackers to cause a denial of service (resource consumption) by repeatedly connecting to the SSH port, a different vulnerability than CVE-2015-7761.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CVE-2015-7498
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-3.57% / 87.26%
||
7 Day CHG~0.00%
Published-15 Dec, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.

Action-Not Available
Vendor-n/aCanonical Ltd.HP Inc.libxml2 (XMLSoft)Debian GNU/LinuxRed Hat, Inc.
Product-icewall_file_managerenterprise_linux_serverlibxml2enterprise_linux_hpc_nodeicewall_federation_agentubuntu_linuxenterprise_linux_desktopenterprise_linux_workstationdebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-7540
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-17.10% / 94.73%
||
7 Day CHG~0.00%
Published-29 Dec, 2015 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.

Action-Not Available
Vendor-n/aSambaDebian GNU/LinuxCanonical Ltd.
Product-debian_linuxubuntu_linuxsamban/a
CVE-2019-8665
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.68% / 70.70%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-04 Aug, 2024 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, watchOS 5.3. A remote attacker may cause an unexpected application termination.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchoswatchOSiOS
CWE ID-CWE-20
Improper Input Validation
CVE-2025-43223
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.35%
||
7 Day CHG~0.00%
Published-29 Jul, 2025 | 23:28
Updated-31 Jul, 2025 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.7, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. A non-privileged user may be able to modify restricted network settings.

Action-Not Available
Vendor-Apple Inc.
Product-ipadosiphone_oswatchostvosvisionosmacoswatchOSiPadOSmacOStvOSiOS and iPadOSvisionOS
CWE ID-CWE-20
Improper Input Validation
CVE-2015-5964
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-7.51% / 91.41%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.

Action-Not Available
Vendor-n/aCanonical Ltd.DjangoOracle Corporation
Product-djangoubuntu_linuxsolarisn/a
CVE-2015-5963
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.13% / 91.81%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.

Action-Not Available
Vendor-n/aCanonical Ltd.DjangoOracle Corporation
Product-djangoubuntu_linuxsolarisn/a
CVE-2015-5840
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-5||MEDIUM
EPSS-0.92% / 74.97%
||
7 Day CHG~0.00%
Published-18 Sep, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The checkint division routines in removefile in Apple iOS before 9 allow attackers to cause a denial of service (overflow fault and app crash) via crafted data.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-0760
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-35.84% / 96.96%
||
7 Day CHG~0.00%
Published-23 Jul, 2024 | 14:26
Updated-13 Feb, 2025 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A flood of DNS messages over TCP may make the server unstable

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-BIND 9bind
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2015-5879
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-5||MEDIUM
EPSS-1.85% / 82.25%
||
7 Day CHG~0.00%
Published-18 Sep, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XNU in the kernel in Apple iOS before 9 does not properly validate the headers of TCP packets, which allows remote attackers to bypass the sequence-number protection mechanism and cause a denial of service (TCP connection disruption) via a crafted header.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-4484
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5||MEDIUM
EPSS-2.08% / 83.30%
||
7 Day CHG~0.00%
Published-16 Aug, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSEOracle CorporationCanonical Ltd.
Product-firefoxopensuseubuntu_linuxsolarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2316
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.27% / 83.99%
||
7 Day CHG~0.00%
Published-25 Mar, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string.

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.DjangoOracle CorporationFedora Project
Product-solarisdjangofedoraopensuseubuntu_linuxn/a
CVE-2015-5219
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.64% / 87.38%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.SUSERed Hat, Inc.Oracle CorporationFedora ProjectopenSUSENovellSiemens AG
Product-enterprise_linux_desktoplinuxenterprise_linux_workstationfedoralinux_enterprise_serverleapenterprise_linux_serverdebian_linuxlinux_enterprise_debuginfotim_4r-ientptim_4r-id_dnp3tim_4r-id_dnp3_firmwareopenstack_cloudmanager_proxyenterprise_linux_hpc_nodetim_4r-ie_firmwareubuntu_linuxmanagern/a
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2021-3905
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.34%
||
7 Day CHG+0.01%
Published-23 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.

Action-Not Available
Vendor-openvswitchn/aCanonical Ltd.Red Hat, Inc.Fedora Project
Product-openvswitchenterprise_linux_fast_datapathfedoraubuntu_linuxopenvswitch (ovs)
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2015-5195
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-10.40% / 92.91%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.Fedora Project
Product-enterprise_linux_desktopenterprise_linux_workstationfedoraenterprise_linux_serverdebian_linuxenterprise_linux_hpc_nodeubuntu_linuxntpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-5180
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.21%
||
7 Day CHG+0.07%
Published-27 Jun, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).

Action-Not Available
Vendor-n/aCanonical Ltd.GNU
Product-ubuntu_linuxglibcn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-4444
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5||MEDIUM
EPSS-0.90% / 74.75%
||
7 Day CHG~0.00%
Published-15 Jul, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4443.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readermacosacrobat_dcwindowsacrobatn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-5194
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-11.83% / 93.46%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.SUSERed Hat, Inc.Fedora Project
Product-enterprise_linux_desktopenterprise_linux_workstationfedoralinux_enterprise_serveropenstack_cloudenterprise_linux_serverdebian_linuxmanager_proxylinux_enterprise_debuginfoenterprise_linux_hpc_nodeubuntu_linuxntpmanagern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-5300
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-31.17% / 96.60%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.SUSERed Hat, Inc.Fedora ProjectopenSUSE
Product-enterprise_linux_desktopmanagerlinux_enterprise_desktopenterprise_linux_workstationfedorasuse_linux_enterprise_serverlinux_enterprise_serverleapenterprise_linux_server_eusenterprise_linux_serverdebian_linuxlinux_enterprise_debuginfolinux_enterprise_software_development_kitntpenterprise_linux_hpc_node_eusopenstack_cloudmanager_proxyenterprise_linux_hpc_nodeubuntu_linuxopensusen/a
CVE-2023-6516
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.38%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 14:05
Updated-13 Feb, 2025 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Specific recursive query patterns may lead to an out-of-memory condition

To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queued for later processing. It was discovered that if the resolver is continuously processing query patterns triggering this type of cache-database maintenance, `named` may not be able to handle the cleanup events in a timely manner. This in turn enables the list of queued cleanup events to grow infinitely large over time, allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.16.0 through 9.16.45 and 9.16.8-S1 through 9.16.45-S1.

Action-Not Available
Vendor-NetApp, Inc.Internet Systems Consortium, Inc.
Product-bindactive_iq_unified_managerBIND 9bind
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2015-4443
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5||MEDIUM
EPSS-0.90% / 74.75%
||
7 Day CHG~0.00%
Published-15 Jul, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2015-4444.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readermacosacrobat_dcwindowsacrobatn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-3195
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-2.22% / 83.83%
||
7 Day CHG~0.00%
Published-06 Dec, 2015 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.

Action-Not Available
Vendor-n/aopenSUSESUSERed Hat, Inc.Fedora ProjectApple Inc.OpenSSLDebian GNU/LinuxOracle CorporationCanonical Ltd.
Product-enterprise_linux_serversolarislinux_enterprise_serversun_ray_softwarehttp_servercommunications_webrtc_session_controllervm_serverdebian_linuxlinuxtransportation_managemententerprise_linux_server_ausexalogic_infrastructurevm_virtualboxleapopensusefedoraenterprise_linux_desktopubuntu_linuxlife_sciences_data_hubenterprise_linux_server_tusintegrated_lights_out_manager_firmwareenterprise_linux_workstationopensslapi_gatewaymac_os_xn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-4024
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-66.29% / 98.46%
||
7 Day CHG~0.00%
Published-09 Jun, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.

Action-Not Available
Vendor-n/aRed Hat, Inc.The PHP GroupApple Inc.Oracle CorporationHP Inc.
Product-enterprise_linuxenterprise_linux_serversolarissystem_management_homepageenterprise_linux_hpc_nodeenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_workstationphpenterprise_linux_hpc_node_euslinuxmac_os_xn/a
CVE-2015-4021
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-25.30% / 95.99%
||
7 Day CHG~0.00%
Published-09 Jun, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.

Action-Not Available
Vendor-n/aRed Hat, Inc.The PHP GroupApple Inc.
Product-enterprise_linuxenterprise_linux_serverenterprise_linux_hpc_nodeenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_workstationphpenterprise_linux_hpc_node_eusmac_os_xn/a
CVE-2021-3737
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.42%
||
7 Day CHG~0.00%
Published-04 Mar, 2022 | 00:00
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aCanonical Ltd.NetApp, Inc.Red Hat, Inc.Python Software FoundationOracle CorporationFedora Project
Product-ubuntu_linuxcodeready_linux_builder_for_ibm_z_systemscodeready_linux_builder_for_power_little_endianenterprise_linuxhcicommunications_cloud_native_core_network_exposure_functioncommunications_cloud_native_core_policypythonmanagement_services_for_element_softwarecodeready_linux_builderxcp_nfsontap_select_deploy_administration_utilityfedoraenterprise_linux_for_ibm_z_systemscommunications_cloud_native_core_binding_support_functionnetapp_xcp_smbenterprise_linux_for_power_little_endianpython
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2015-3047
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5||MEDIUM
EPSS-3.48% / 87.11%
||
7 Day CHG~0.00%
Published-13 May, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-windowsacrobatmac_os_xacrobat_readern/a
CVE-2015-3194
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-64.37% / 98.37%
||
7 Day CHG~0.00%
Published-06 Dec, 2015 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.

Action-Not Available
Vendor-n/aNode.js (OpenJS Foundation)OpenSSLDebian GNU/LinuxCanonical Ltd.
Product-openssldebian_linuxubuntu_linuxnode.jsn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-2668
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.55% / 80.70%
||
7 Day CHG~0.00%
Published-12 May, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.

Action-Not Available
Vendor-n/aClamAVCanonical Ltd.
Product-ubuntu_linuxclamavn/a
CVE-2013-0899
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-1.10% / 77.16%
||
7 Day CHG~0.00%
Published-23 Feb, 2013 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.

Action-Not Available
Vendor-opus-codecn/aopenSUSELinux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-linux_kernelopensusemacosipadoschromewindowsopusiphone_osmac_os_xn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2015-1819
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-2.46% / 84.63%
||
7 Day CHG~0.00%
Published-14 Aug, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

Action-Not Available
Vendor-n/aApple Inc.Oracle CorporationFedora ProjectCanonical Ltd.libxml2 (XMLSoft)Debian GNU/LinuxopenSUSERed Hat, Inc.
Product-libxmlenterprise_linuxsolarisfedoraopensusewatchosubuntu_linuxdebian_linuxlinuxiphone_osmac_os_xtvosn/a
CVE-2020-14398
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.75% / 81.81%
||
7 Day CHG~0.00%
Published-17 Jun, 2020 | 15:13
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.

Action-Not Available
Vendor-libvnc_projectn/aDebian GNU/LinuxSiemens AGCanonical Ltd.openSUSE
Product-ubuntu_linuxsimatic_itc1500_prosimatic_itc1900simatic_itc2200_pro_firmwaresimatic_itc2200simatic_itc1500_pro_firmwaredebian_linuxsimatic_itc1500simatic_itc1900_firmwaresimatic_itc1900_pro_firmwaresimatic_itc1500_firmwaresimatic_itc2200_firmwaresimatic_itc2200_prolibvncserversimatic_itc1900_proleapn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2015-2568
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-4.41% / 88.58%
||
7 Day CHG~0.00%
Published-16 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.

Action-Not Available
Vendor-n/aSUSEMariaDB FoundationRed Hat, Inc.Debian GNU/LinuxOracle CorporationCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_server_aussolarisenterprise_linux_eusmariadbmysqlubuntu_linuxenterprise_linux_desktopcommunications_policy_managemententerprise_linux_server_tusenterprise_linux_workstationlinux_enterprise_desktopdebian_linuxlinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CVE-2015-2695
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.05% / 88.05%
||
7 Day CHG~0.00%
Published-09 Nov, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)openSUSESUSEDebian GNU/LinuxOracle CorporationCanonical Ltd.
Product-solariskerberos_5leapopensuseubuntu_linuxlinux_enterprise_desktopdebian_linuxlinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2020-14303
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-16.34% / 94.60%
||
7 Day CHG~0.00%
Published-06 Jul, 2020 | 17:12
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxopenSUSESambaFedora Project
Product-ubuntu_linuxdebian_linuxsambafedoraleapSamba
CWE ID-CWE-834
Excessive Iteration
CVE-2015-2170
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.55% / 80.70%
||
7 Day CHG~0.00%
Published-12 May, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

Action-Not Available
Vendor-n/aClamAVCanonical Ltd.
Product-ubuntu_linuxclamavn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 20
  • 21
  • Next
Details not found