Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-4095

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-06 Sep, 2006 | 00:00
Updated At-07 Aug, 2024 | 18:57
Rejected At-
Credits

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:06 Sep, 2006 | 00:00
Updated At:07 Aug, 2024 | 18:57
Rejected At:
▼CVE Numbering Authority (CNA)

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://docs.info.apple.com/article.html?artnum=305530
x_refsource_CONFIRM
http://secunia.com/advisories/21835
third-party-advisory
x_refsource_SECUNIA
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
vendor-advisory
x_refsource_OPENPKG
http://www.vupen.com/english/advisories/2007/1939
vdb-entry
x_refsource_VUPEN
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
vendor-advisory
x_refsource_FREEBSD
http://www.securityfocus.com/archive/1/445600/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
vdb-entry
x_refsource_XF
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
x_refsource_MISC
http://www.novell.com/linux/security/advisories/2006_24_sr.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/21786
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2006_23_sr.html
vendor-advisory
x_refsource_SUSE
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/25402
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
vendor-advisory
x_refsource_MANDRIVA
https://issues.rpath.com/browse/RPL-626
x_refsource_CONFIRM
http://secunia.com/advisories/21818
third-party-advisory
x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-343-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/21838
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/22298
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/19859
vdb-entry
x_refsource_BID
http://secunia.com/advisories/21816
third-party-advisory
x_refsource_SECUNIA
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
http://secunia.com/advisories/21912
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21926
third-party-advisory
x_refsource_SECUNIA
http://www.openbsd.org/errata.html
vendor-advisory
x_refsource_OPENBSD
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
vendor-advisory
x_refsource_SLACKWARE
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
http://www.vupen.com/english/advisories/2006/3473
vdb-entry
x_refsource_VUPEN
http://www.us.debian.org/security/2006/dsa-1172
vendor-advisory
x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2007/1401
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/21828
third-party-advisory
x_refsource_SECUNIA
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
http://www.kb.cert.org/vuls/id/915404
third-party-advisory
x_refsource_CERT-VN
http://secunia.com/advisories/21752
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1016794
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/24950
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200609-11.xml
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://docs.info.apple.com/article.html?artnum=305530
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/21835
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
Resource:
vendor-advisory
x_refsource_OPENPKG
Hyperlink: http://www.vupen.com/english/advisories/2007/1939
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
Hyperlink: http://www.securityfocus.com/archive/1/445600/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
Resource:
x_refsource_MISC
Hyperlink: http://www.novell.com/linux/security/advisories/2006_24_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/21786
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/25402
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: https://issues.rpath.com/browse/RPL-626
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/21818
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.ubuntu.com/usn/usn-343-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/21838
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/22298
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/19859
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/21816
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/21912
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21926
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.openbsd.org/errata.html
Resource:
vendor-advisory
x_refsource_OPENBSD
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.vupen.com/english/advisories/2006/3473
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.us.debian.org/security/2006/dsa-1172
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.vupen.com/english/advisories/2007/1401
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/21828
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.kb.cert.org/vuls/id/915404
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://secunia.com/advisories/21752
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1016794
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/24950
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://docs.info.apple.com/article.html?artnum=305530
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/21835
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
vendor-advisory
x_refsource_OPENPKG
x_transferred
http://www.vupen.com/english/advisories/2007/1939
vdb-entry
x_refsource_VUPEN
x_transferred
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
vendor-advisory
x_refsource_FREEBSD
x_transferred
http://www.securityfocus.com/archive/1/445600/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
vdb-entry
x_refsource_XF
x_transferred
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
x_refsource_MISC
x_transferred
http://www.novell.com/linux/security/advisories/2006_24_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/21786
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2006_23_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/25402
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
vendor-advisory
x_refsource_MANDRIVA
x_transferred
https://issues.rpath.com/browse/RPL-626
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/21818
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.ubuntu.com/usn/usn-343-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/21838
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/22298
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/19859
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/21816
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
x_transferred
http://secunia.com/advisories/21912
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21926
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.openbsd.org/errata.html
vendor-advisory
x_refsource_OPENBSD
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
vendor-advisory
x_refsource_SLACKWARE
x_transferred
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
x_transferred
http://www.vupen.com/english/advisories/2006/3473
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.us.debian.org/security/2006/dsa-1172
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.vupen.com/english/advisories/2007/1401
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/21828
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
vendor-advisory
x_refsource_HP
x_transferred
http://www.kb.cert.org/vuls/id/915404
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://secunia.com/advisories/21752
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1016794
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/24950
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-200609-11.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://docs.info.apple.com/article.html?artnum=305530
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/21835
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
Resource:
vendor-advisory
x_refsource_OPENPKG
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/1939
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/445600/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_24_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/21786
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/25402
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-626
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/21818
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-343-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/21838
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/22298
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/19859
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/21816
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/21912
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21926
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.openbsd.org/errata.html
Resource:
vendor-advisory
x_refsource_OPENBSD
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3473
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.us.debian.org/security/2006/dsa-1172
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/1401
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/21828
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/915404
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://secunia.com/advisories/21752
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1016794
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/24950
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:06 Sep, 2006 | 00:04
Updated At:03 Apr, 2025 | 01:03

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Internet Systems Consortium, Inc.
isc
>>bind>>Versions up to 9.2.6(inclusive)
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>bind>>Versions from 9.3.0(inclusive) to 9.3.2(inclusive)
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>5.04
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>5.10
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.06
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x>>Versions before 10.3.9(exclusive)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x>>Versions from 10.4.0(inclusive) to 10.4.9(exclusive)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x_server>>Versions before 10.3.9(exclusive)
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x_server>>Versions from 10.4.0(inclusive) to 10.4.9(exclusive)
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-617Primarynvd@nist.gov
CWE ID: CWE-617
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2006-09-06T00:00:00

Not Vulnerable. The version of BIND that ships with Red Hat Enterprise Linux is not vulnerable to this issue as it does not handle signed RR records.

References
HyperlinkSourceResource
http://docs.info.apple.com/article.html?artnum=305530cve@mitre.org
Broken Link
http://lists.apple.com/archives/security-announce/2007/May/msg00004.htmlcve@mitre.org
Mailing List
http://secunia.com/advisories/21752cve@mitre.org
Broken Link
http://secunia.com/advisories/21786cve@mitre.org
Broken Link
http://secunia.com/advisories/21816cve@mitre.org
Broken Link
http://secunia.com/advisories/21818cve@mitre.org
Broken Link
http://secunia.com/advisories/21828cve@mitre.org
Broken Link
http://secunia.com/advisories/21835cve@mitre.org
Broken Link
http://secunia.com/advisories/21838cve@mitre.org
Broken Link
http://secunia.com/advisories/21912cve@mitre.org
Broken Link
http://secunia.com/advisories/21926cve@mitre.org
Broken Link
http://secunia.com/advisories/22298cve@mitre.org
Broken Link
http://secunia.com/advisories/24950cve@mitre.org
Broken Link
http://secunia.com/advisories/25402cve@mitre.org
Broken Link
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asccve@mitre.org
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200609-11.xmlcve@mitre.org
Third Party Advisory
http://securitytracker.com/id?1016794cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241cve@mitre.org
Broken Link
http://www.kb.cert.org/vuls/id/915404cve@mitre.org
Patch
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163cve@mitre.org
Broken Link
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=encve@mitre.org
Broken Link
Patch
http://www.novell.com/linux/security/advisories/2006_23_sr.htmlcve@mitre.org
Broken Link
http://www.novell.com/linux/security/advisories/2006_24_sr.htmlcve@mitre.org
Broken Link
http://www.openbsd.org/errata.htmlcve@mitre.org
Release Notes
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.htmlcve@mitre.org
Broken Link
http://www.securityfocus.com/archive/1/445600/100/0/threadedcve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/19859cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-343-1cve@mitre.org
Third Party Advisory
http://www.us.debian.org/security/2006/dsa-1172cve@mitre.org
Broken Link
http://www.vupen.com/english/advisories/2006/3473cve@mitre.org
Broken Link
http://www.vupen.com/english/advisories/2007/1401cve@mitre.org
Broken Link
http://www.vupen.com/english/advisories/2007/1939cve@mitre.org
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/28745cve@mitre.org
Third Party Advisory
VDB Entry
https://issues.rpath.com/browse/RPL-626cve@mitre.org
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144cve@mitre.org
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144cve@mitre.org
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144cve@mitre.org
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144cve@mitre.org
Broken Link
http://docs.info.apple.com/article.html?artnum=305530af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://lists.apple.com/archives/security-announce/2007/May/msg00004.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
http://secunia.com/advisories/21752af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21786af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21816af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21818af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21828af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21835af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21838af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21912af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/21926af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/22298af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/24950af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/25402af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.ascaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200609-11.xmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://securitytracker.com/id?1016794af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.kb.cert.org/vuls/id/915404af854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=enaf854a3a-2127-422b-91ae-364da2661108
Broken Link
Patch
http://www.novell.com/linux/security/advisories/2006_23_sr.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.novell.com/linux/security/advisories/2006_24_sr.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.openbsd.org/errata.htmlaf854a3a-2127-422b-91ae-364da2661108
Release Notes
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.securityfocus.com/archive/1/445600/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/19859af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-343-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.us.debian.org/security/2006/dsa-1172af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2006/3473af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2007/1401af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2007/1939af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/28745af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://issues.rpath.com/browse/RPL-626af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144af854a3a-2127-422b-91ae-364da2661108
Broken Link
Hyperlink: http://docs.info.apple.com/article.html?artnum=305530
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
Source: cve@mitre.org
Resource:
Mailing List
Hyperlink: http://secunia.com/advisories/21752
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21786
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21816
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21818
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21828
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21835
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21838
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21912
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21926
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/22298
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/24950
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/25402
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-11.xml
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://securitytracker.com/id?1016794
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.kb.cert.org/vuls/id/915404
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
Source: cve@mitre.org
Resource:
Broken Link
Patch
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.novell.com/linux/security/advisories/2006_24_sr.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.openbsd.org/errata.html
Source: cve@mitre.org
Resource:
Release Notes
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.securityfocus.com/archive/1/445600/100/0/threaded
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/19859
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/usn-343-1
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.us.debian.org/security/2006/dsa-1172
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2006/3473
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2007/1401
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2007/1939
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://issues.rpath.com/browse/RPL-626
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://docs.info.apple.com/article.html?artnum=305530
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://secunia.com/advisories/21752
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21786
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21816
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21818
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21828
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21835
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21838
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21912
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/21926
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/22298
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/24950
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/25402
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-11.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://securitytracker.com/id?1016794
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.kb.cert.org/vuls/id/915404
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Patch
Hyperlink: http://www.novell.com/linux/security/advisories/2006_23_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.novell.com/linux/security/advisories/2006_24_sr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.openbsd.org/errata.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Release Notes
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.securityfocus.com/archive/1/445600/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/19859
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/usn-343-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.us.debian.org/security/2006/dsa-1172
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2006/3473
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2007/1401
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.vupen.com/english/advisories/2007/1939
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://issues.rpath.com/browse/RPL-626
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link

Change History

0
Information is not available yet

Similar CVEs

1036Records found
CVE-2020-14155
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.52%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 00:00
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

Action-Not Available
Vendor-pcren/aGitLab Inc.Apple Inc.NetApp, Inc.Splunk LLC (Cisco Systems, Inc.)Oracle Corporation
Product-h500scloud_backuph410c_firmwareh300s_firmwarepcreactive_iq_unified_managerh410smacosh300suniversal_forwardercommunications_cloud_native_core_policysteelstore_cloud_integrated_storageclustered_data_ontapontap_select_deploy_administration_utilityh410s_firmwareh700s_firmwareh500s_firmwareh410cgitlabh700sn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2015-2221
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.78% / 81.95%
||
7 Day CHG~0.00%
Published-12 May, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.

Action-Not Available
Vendor-n/aClamAVCanonical Ltd.
Product-ubuntu_linuxclamavn/a
CVE-2015-0808
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5||MEDIUM
EPSS-0.80% / 73.17%
||
7 Day CHG~0.00%
Published-01 Apr, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which might allow remote attackers to cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSECanonical Ltd.
Product-firefoxopensuseubuntu_linuxn/a
CVE-2015-2222
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.55% / 80.70%
||
7 Day CHG~0.00%
Published-12 May, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.

Action-Not Available
Vendor-n/aClamAVCanonical Ltd.
Product-ubuntu_linuxclamavn/a
CVE-2015-1118
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-5||MEDIUM
EPSS-0.88% / 74.35%
||
7 Day CHG~0.00%
Published-10 Apr, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osmac_os_xtvosn/a
CVE-2015-1105
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-5||MEDIUM
EPSS-6.23% / 90.52%
||
7 Day CHG~0.00%
Published-10 Apr, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osmac_os_xtvosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3146
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.39% / 84.41%
||
7 Day CHG~0.00%
Published-13 Apr, 2016 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.

Action-Not Available
Vendor-libsshn/aFedora ProjectDebian GNU/LinuxCanonical Ltd.
Product-debian_linuxfedoraubuntu_linuxlibsshn/a
CVE-2015-1546
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-10.38% / 92.91%
||
7 Day CHG~0.00%
Published-12 Feb, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service (crash) via a crafted search query with a matched values control.

Action-Not Available
Vendor-openldapn/aopenSUSEApple Inc.
Product-opensusemac_os_xopenldapn/a
CVE-2015-1352
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.09% / 91.79%
||
7 Day CHG~0.00%
Published-30 Mar, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name.

Action-Not Available
Vendor-n/aThe PHP GroupApple Inc.
Product-mac_os_xphpn/a
CVE-1999-1412
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-13.81% / 94.03%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.

Action-Not Available
Vendor-n/aThe Apache Software FoundationApple Inc.
Product-macoshttp_servern/a
CVE-2004-0361
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.88% / 90.22%
||
7 Day CHG~0.00%
Published-18 Mar, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CVE-2015-0824
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5||MEDIUM
EPSS-1.81% / 82.09%
||
7 Day CHG~0.00%
Published-25 Feb, 2015 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo library for image drawing.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSECanonical Ltd.
Product-firefoxopensuseubuntu_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-0222
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-4.57% / 88.78%
||
7 Day CHG~0.00%
Published-16 Jan, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.

Action-Not Available
Vendor-n/aCanonical Ltd.Django
Product-ubuntu_linuxdjangon/a
CVE-2014-9850
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.60% / 80.97%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serversuse_linux_enterprise_software_development_kitleapimagemagickubuntu_linuxsuse_linux_enterprise_desktopopensusen/a
CVE-2025-31208
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.24%
||
7 Day CHG~0.00%
Published-12 May, 2025 | 21:42
Updated-27 May, 2025 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination.

Action-Not Available
Vendor-Apple Inc.
Product-macosiphone_osipadoswatchosvisionostvosmacOSvisionOStvOSiPadOSwatchOSiOS and iPadOS
CWE ID-CWE-20
Improper Input Validation
CVE-2007-4812
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.14% / 88.20%
||
7 Day CHG~0.00%
Published-11 Sep, 2007 | 18:00
Updated-07 Aug, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9849
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.60% / 80.97%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2015-0272
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.91% / 74.88%
||
7 Day CHG~0.00%
Published-17 Nov, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

Action-Not Available
Vendor-n/aSUSEThe GNOME ProjectOracle CorporationCanonical Ltd.
Product-ubuntu_linuxlinux_enterprise_real_time_extensionlinux_enterprise_software_development_kitlinux_enterprise_desktopnetworkmanagerlinux_enterprise_workstation_extensionlinuxlinux_enterprise_serverlinux_enterprise_debuginfon/a
CVE-2015-0248
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-11.43% / 93.31%
||
7 Day CHG~0.00%
Published-08 Apr, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

Action-Not Available
Vendor-n/aopenSUSEThe Apache Software FoundationRed Hat, Inc.Apple Inc.Oracle Corporation
Product-enterprise_linux_serversolarisenterprise_linux_hpc_nodeopensuseenterprise_linux_desktopenterprise_linux_server_eussubversionenterprise_linux_workstationxcoden/a
CVE-2014-8484
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.02% / 83.02%
||
7 Day CHG~0.00%
Published-09 Dec, 2014 | 22:52
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.

Action-Not Available
Vendor-n/aFedora ProjectGNUCanonical Ltd.
Product-binutilsfedoraubuntu_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1240
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-1.45% / 79.97%
||
7 Day CHG~0.00%
Published-19 Apr, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/LinuxCanonical Ltd.
Product-debian_linuxubuntu_linuxchromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-49322
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.87%
||
7 Day CHG~0.00%
Published-26 Nov, 2023 | 00:00
Updated-02 Aug, 2024 | 21:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

Action-Not Available
Vendor-n/aApple Inc.F-Secure CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-linux_security_64server_securitylinux_kernelclient_securityelements_endpoint_protectionatlantwindowsmacosemail_and_server_securitylinux_protectionn/a
CVE-2007-3998
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.19% / 89.52%
||
7 Day CHG~0.00%
Published-04 Sep, 2007 | 18:00
Updated-07 Aug, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, ""' argument set.

Action-Not Available
Vendor-n/aCanonical Ltd.The PHP GroupDebian GNU/Linux
Product-ubuntu_linuxphpdebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-50387
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-36.40% / 96.99%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 00:00
Updated-12 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.

Action-Not Available
Vendor-nicnlnetlabsthekelleyspowerdnsn/aRed Hat, Inc.Microsoft CorporationInternet Systems Consortium, Inc.Fedora Project
Product-enterprise_linuxwindows_server_2019windows_server_2016windows_server_2008windows_server_2022_23h2knot_resolverwindows_server_2012bindwindows_server_2022fedorarecursorunbounddnsmasqn/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2007-3847
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-4.95% / 89.24%
||
7 Day CHG~0.00%
Published-23 Aug, 2007 | 22:00
Updated-07 Aug, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.

Action-Not Available
Vendor-n/aCanonical Ltd.The Apache Software FoundationFedora Project
Product-fedora_corehttp_serverfedoraubuntu_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2007-4045
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.61% / 85.07%
||
7 Day CHG~0.00%
Published-27 Jul, 2007 | 22:00
Updated-07 Aug, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation.

Action-Not Available
Vendor-n/aFedora ProjectApple Inc.
Product-cupsfedoran/a
CVE-2015-0253
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-6.62% / 90.81%
||
7 Day CHG~0.00%
Published-20 Jul, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI.

Action-Not Available
Vendor-n/aThe Apache Software FoundationApple Inc.Oracle Corporation
Product-mac_os_x_serversolarishttp_serverlinuxmac_os_xn/a
CVE-2016-9597
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.33% / 79.11%
||
7 Day CHG~0.00%
Published-30 Jul, 2018 | 14:00
Updated-06 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

Action-Not Available
Vendor-Canonical Ltd.HP Inc.libxml2 (XMLSoft)Debian GNU/LinuxopenSUSERed Hat, Inc.
Product-ubuntu_linuxdebian_linuxlibxml2icewall_file_managericewall_federation_agentleaplibxml2
CWE ID-CWE-674
Uncontrolled Recursion
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9851
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.03% / 83.07%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-0410
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-3.70% / 87.48%
||
7 Day CHG~0.00%
Published-21 Jan, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.

Action-Not Available
Vendor-n/aOracle CorporationopenSUSERed Hat, Inc.Debian GNU/LinuxNovellCanonical Ltd.
Product-enterprise_linuxjrockitopensuseubuntu_linuxsuse_linux_enterprise_serverjdksuse_linux_enterprise_desktopdebian_linuxjren/a
CVE-2014-9854
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.72% / 81.62%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

Action-Not Available
Vendor-n/aCanonical Ltd.SUSEopenSUSEImageMagick Studio LLC
Product-linux_enterprise_serversuse_linux_enterprise_serverleapimagemagicklinux_enterprise_software_development_kitubuntu_linuxopensusen/a
CVE-2022-28880
Matching Score-8
Assigner-126858f1-1b65-4b74-81ca-7034f7f7723f
ShareView Details
Matching Score-8
Assigner-126858f1-1b65-4b74-81ca-7034f7f7723f
CVSS Score-4.3||MEDIUM
EPSS-0.31% / 53.44%
||
7 Day CHG+0.23%
Published-05 Aug, 2022 | 16:46
Updated-03 Aug, 2024 | 06:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service (DoS) Vulnerability

A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker.

Action-Not Available
Vendor-Apple Inc.F-Secure CorporationMicrosoft Corporation
Product-linux_security_64linux_securitycloud_protection_for_salesforceelements_endpoint_protectionatlantelements_collaboration_protectionelements_endpoint_detection_and_responsewindowsmacosinternet_gatekeeperAll F-Secure and WithSecure Endpoint Protection products for Mac F-Secure Linux Security (32-bit) F-Secure Linux Security (64-bit) F-Secure Atlant F-Secure Internet Gatekeeper WithSecure Cloud Protection for Salesforce WithSecure Collaboration Protection
CVE-2015-0228
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-10.73% / 93.04%
||
7 Day CHG~0.00%
Published-08 Mar, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.

Action-Not Available
Vendor-n/aopenSUSEThe Apache Software FoundationApple Inc.Canonical Ltd.
Product-mac_os_x_serveropensuseubuntu_linuxhttp_servermac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-9842
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.36% / 84.30%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2007-1863
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-29.69% / 96.46%
||
7 Day CHG~0.00%
Published-27 Jun, 2007 | 17:00
Updated-07 Aug, 2024 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.

Action-Not Available
Vendor-n/aThe Apache Software FoundationApple Inc.
Product-http_servermac_os_x_servern/a
CVE-2007-1285
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-9.98% / 92.74%
||
7 Day CHG~0.00%
Published-06 Mar, 2007 | 20:00
Updated-07 Aug, 2024 | 12:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

Action-Not Available
Vendor-n/aSUSENovellRed Hat, Inc.The PHP GroupCanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxphplinux_enterprise_serverenterprise_linux_workstationsuse_linuxenterprise_linux_desktopn/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2020-14562
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.22% / 45.08%
||
7 Day CHG~0.00%
Published-15 Jul, 2020 | 17:34
Updated-27 Sep, 2024 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Java SE product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-openSUSEOracle CorporationNetApp, Inc.Canonical Ltd.Debian GNU/LinuxFedora Project
Product-ubuntu_linuxdebian_linuxe-series_santricity_unified_managere-series_santricity_os_controllere-series_santricity_storage_managerfedorajdke-series_santricity_web_services_proxyleapJava
CVE-2022-28871
Matching Score-8
Assigner-126858f1-1b65-4b74-81ca-7034f7f7723f
ShareView Details
Matching Score-8
Assigner-126858f1-1b65-4b74-81ca-7034f7f7723f
CVSS Score-4.3||MEDIUM
EPSS-0.21% / 42.99%
||
7 Day CHG~0.00%
Published-25 Apr, 2022 | 10:14
Updated-03 Aug, 2024 | 06:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service (DoS) Vulnerability

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.

Action-Not Available
Vendor-Apple Inc.F-Secure CorporationMicrosoft Corporation
Product-windowsatlantmacosmac_os_xAll F-Secure Endpoint Protection products on Windows and Mac F-Secure Linux Security (32-bit) F-Secure Linux Security 64 F-Secure Atlant F-Secure Internet Gatekeeper F-Secure Cloud Protection for Salesforce
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-14397
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.43% / 84.52%
||
7 Day CHG~0.00%
Published-17 Jun, 2020 | 15:13
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.

Action-Not Available
Vendor-libvnc_projectn/aDebian GNU/LinuxSiemens AGCanonical Ltd.openSUSE
Product-ubuntu_linuxsimatic_itc1500_prosimatic_itc1900simatic_itc2200_pro_firmwaresimatic_itc2200simatic_itc1500_pro_firmwaredebian_linuxsimatic_itc1500simatic_itc1900_firmwaresimatic_itc1900_pro_firmwaresimatic_itc1500_firmwaresimatic_itc2200_firmwaresimatic_itc2200_prolibvncserversimatic_itc1900_proleapn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2007-1349
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-10.29% / 92.87%
||
7 Day CHG~0.00%
Published-30 Mar, 2007 | 00:00
Updated-07 Aug, 2024 | 12:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.

Action-Not Available
Vendor-n/aCanonical Ltd.The Apache Software FoundationRed Hat, Inc.
Product-mod_perlubuntu_linuxenterprise_linux_serverenterprise_linux_workstationenterprise_linux_eussatelliteenterprise_linux_desktopn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-0342
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.34% / 88.48%
||
7 Day CHG~0.00%
Published-18 Jan, 2007 | 02:00
Updated-03 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than CVE-2006-2019.

Action-Not Available
Vendor-omnigroupn/aApple Inc.
Product-safarimac_os_xwebkitomniwebn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2007-0726
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.12% / 77.36%
||
7 Day CHG~0.00%
Published-13 Mar, 2007 | 22:00
Updated-07 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_x_servermac_os_xn/a
CVE-2015-0830
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5||MEDIUM
EPSS-1.07% / 76.88%
||
7 Day CHG~0.00%
Published-25 Feb, 2015 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader's compilation log, which allows remote attackers to cause a denial of service (application crash) via crafted WebGL content.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSECanonical Ltd.
Product-firefoxopensuseubuntu_linuxn/a
CVE-2007-0464
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-49.33% / 97.71%
||
7 Day CHG~0.00%
Published-30 Jan, 2007 | 17:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference.

Action-Not Available
Vendor-cfnetworkn/aApple Inc.
Product-mac_os_xcfnetworkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-13114
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.65% / 69.88%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 15:50
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.

Action-Not Available
Vendor-libexif_projectn/aCanonical Ltd.openSUSE
Product-ubuntu_linuxlibexifleapn/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2007-0613
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.71% / 88.96%
||
7 Day CHG~0.00%
Published-31 Jan, 2007 | 11:00
Updated-07 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.

Action-Not Available
Vendor-n/aApple Inc.
Product-ichatinstant_message_frameworkmdnsrespondern/a
CVE-2007-0720
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-16.60% / 94.66%
||
7 Day CHG~0.00%
Published-13 Mar, 2007 | 21:00
Updated-07 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.

Action-Not Available
Vendor-cupsn/aApple Inc.
Product-cupsmac_os_xn/a
CVE-2007-0897
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.98% / 89.28%
||
7 Day CHG~0.00%
Published-16 Feb, 2007 | 19:00
Updated-07 Aug, 2024 | 12:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.

Action-Not Available
Vendor-n/aDebian GNU/LinuxClamAVApple Inc.
Product-clamavdebian_linuxmac_os_x_servern/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2015-0221
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-8.82% / 92.17%
||
7 Day CHG~0.00%
Published-16 Jan, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file.

Action-Not Available
Vendor-n/aCanonical Ltd.Django
Product-ubuntu_linuxdjangon/a
CVE-2014-8483
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.72% / 85.36%
||
7 Day CHG~0.00%
Published-06 Nov, 2014 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.

Action-Not Available
Vendor-quassel-ircn/aDebian GNU/LinuxopenSUSECanonical Ltd.
Product-debian_linuxquassel_ircopensuseubuntu_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 20
  • 21
  • Next
Details not found