Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2008-2106

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-07 May, 2008 | 20:07
Updated At-07 Aug, 2024 | 08:49
Rejected At-
Credits

Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:07 May, 2008 | 20:07
Updated At:07 Aug, 2024 | 08:49
Rejected At:
▼CVE Numbering Authority (CNA)

Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/29026
vdb-entry
x_refsource_BID
http://secunia.com/advisories/30050
third-party-advisory
x_refsource_SECUNIA
http://securityreason.com/securityalert/3858
third-party-advisory
x_refsource_SREASON
http://www.securityfocus.com/archive/1/491564/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://aluigi.altervista.org/adv/cod4statz-adv.txt
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/42163
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/bid/29026
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/30050
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securityreason.com/securityalert/3858
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://www.securityfocus.com/archive/1/491564/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://aluigi.altervista.org/adv/cod4statz-adv.txt
Resource:
x_refsource_MISC
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/42163
Resource:
vdb-entry
x_refsource_XF
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/29026
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/30050
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securityreason.com/securityalert/3858
third-party-advisory
x_refsource_SREASON
x_transferred
http://www.securityfocus.com/archive/1/491564/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://aluigi.altervista.org/adv/cod4statz-adv.txt
x_refsource_MISC
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/42163
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/bid/29026
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/30050
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securityreason.com/securityalert/3858
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/491564/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://aluigi.altervista.org/adv/cod4statz-adv.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/42163
Resource:
vdb-entry
x_refsource_XF
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:07 May, 2008 | 20:20
Updated At:23 Apr, 2026 | 00:35

Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:C
CPE Matches
activision
activision
>>call_of_duty_4>>Versions up to 1.5(inclusive)
cpe:2.3:a:activision:call_of_duty_4:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://aluigi.altervista.org/adv/cod4statz-adv.txtcve@mitre.org
N/A
http://secunia.com/advisories/30050cve@mitre.org
Vendor Advisory
http://securityreason.com/securityalert/3858cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/491564/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/29026cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/42163cve@mitre.org
N/A
http://aluigi.altervista.org/adv/cod4statz-adv.txtaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/30050af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securityreason.com/securityalert/3858af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/491564/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/29026af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/42163af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://aluigi.altervista.org/adv/cod4statz-adv.txt
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/30050
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://securityreason.com/securityalert/3858
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/491564/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/29026
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/42163
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://aluigi.altervista.org/adv/cod4statz-adv.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/30050
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://securityreason.com/securityalert/3858
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/491564/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/29026
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/42163
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

119Records found
CVE-2014-3299
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.24% / 79.44%
||
7 Day CHG+0.29%
Published-25 Jun, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS allows remote authenticated users to cause a denial of service (device reload) via malformed IPsec packets, aka Bug ID CSCui79745.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-1901
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.62% / 70.34%
||
7 Day CHG~0.00%
Published-14 May, 2015 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW001, running firmware 4.30 and earlier, allow remote authenticated users to cause a denial of service (reboot) via a malformed (1) path parameter to en/store_main.asp, (2) item parameter to en/account/accedit.asp, or (3) emailid parameter to en/smtpclient.asp. NOTE: this issue can be exploited without authentication by leveraging CVE-2014-1900.

Action-Not Available
Vendor-y-camn/a
Product-ycblhd5_firmwareycb001_firmwareyck004_firmwareyck004ycw001yceb03ycw003ycw004_firmwareycb001ycblhd5ycw004ycbl03_firmwareyck003_firmwareycb002ycb002_firmwareycbl03yck003yceb03_firmwareycb004ycw001_firmwareycw002_firmwareycblb3ycblb3_firmwareycb003ycw003_firmwareycw002ycb004_firmwareyck002ycb003_firmwareyck002_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1806
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.33% / 55.71%
||
7 Day CHG~0.00%
Published-15 May, 2019 | 21:45
Updated-21 Nov, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business Series Switches Simple Network Management Protocol Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an affected device to cease processing traffic, resulting in the CPU utilization reaching one hundred percent. Manual intervention may be required before a device resumes normal operations. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a malicious SNMP packet to an affected device. A successful exploit could allow the attacker to cause the device to cease forwarding traffic, which could result in a denial of service (DoS) condition. Cisco has released firmware updates that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sg500xg8f8tsg250-10p_firmwaresf550x-48mpsf250-24psg300-10p_firmwaresg300-52_firmwaresf500-24mp_firmwaresg250-18_firmwaresg500-52mp_firmwaresg250x-24p_firmwaresg300-52sg250x-24psg200-26sg250-18sg500-28sg500x-48sg550x-48p_firmwaresg200-50p_firmwaresg200-26_firmwaresx550x-24sf200-24_firmwaresg300-20sg500-28psf250-24p_firmwaresx550x-12fsf200-48sf350-48psf350-48sg550x-48mp_firmwaresg500x-24psf300-24_firmwaresf300-48psg500-52sf300-24mp_firmwaresg500-28mpp_firmwaresf550x-24mp_firmwaresg500-52psg350-28sg500-52_firmwaresf250-24sf550x-48p_firmwaresf300-24ppsg550x-48psg500x24mppsg250x-24_firmwaresg250-50hp_firmwaresx550x-24ft_firmwaresg300-10mpp_firmwaresg250x-24sf550x-48_firmwaresg200-50sg300-52mpsg350-10p_firmwaresf200-48p_firmwaresg200-50psf302-08p_firmwaresg350-10psg355-10psg500-52mpsx550x-16ft_firmwaresg250-50psg300-52pesw2-550x48dc_firmwaresf250-48sg250-26hpsg250x-48p_firmwaresg300-20_firmwaresf500-24p_firmwaresg500x-48mp_firmwaresf500-48sg300-10sfpsf500-24mpsg550x-24_firmwaresg250x-48_firmwaresg300-28_firmwaresf302-08psf500-24psg500-28mppsf200-24p_firmwaresg250-50p_firmwaresf302-08ppsf350-48p_firmwaresf300-48sg250-26sg300-10sfp_firmwaresg250x-48sf550x-48mp_firmwaresg350-28p_firmwaresf550x-24_firmwaresf250-48hp_firmwaresg500x24mpp_firmwaresg300-28ppsg500xg8f8t_firmwaresg300-52mp_firmwaresf500-48_firmwaresg500-28p_firmwaresg350-10mpsf550x-48psg550x-24mppsf550x-24sf500-48psf200-24psg500-52p_firmwaresf500-48p_firmwaresg300-28mpsf302-08mp_firmwaresf350-48mp_firmwaresf250-24_firmwaresg350-28mpsf302-08sg350-28mp_firmwaresg300-28pp_firmwaresf200-24sx550x-24fsg500x-48psg250-26_firmwaresg350-10mp_firmwaresf302-08mpp_firmwaresg500x-48p_firmwaresg355-10p_firmwaresg550x-24mp_firmwaresg200-18_firmwaresg300-10psg300-52p_firmwaresf500-48mpsf300-48ppsg500x-24_firmwareesw2-550x48dcsg550x-48_firmwaresf550x-24p_firmwaresg300-10mp_firmwaresf302-08_firmwaresg300-10mpsg550x-24sf300-08sg300-10ppsg250-50_firmwaresf350-48_firmwaresg250-10psx550x-24f_firmwaresg250-08sg350-28psg250-26hp_firmwareesw2-350g52dc_firmwaresg200-26p_firmwaresf550x-48sg300-28sx550x-52_firmwaresg350-28_firmwaresg300-10_firmwaresg250-08hpsg350-10sg550x-24mpsg500x-24sf300-24p_firmwaresx550x-16ftsg550x-48mpsg350-10_firmwaresx550x-24ftsx550x-52sg250x-48psg500x-24p_firmwaresg250-26psg300-10pp_firmwaresf500-24sg300-10sf550x-24psf300-48p_firmwaresf350-48mpsg250-50sg300-10mppsg550x-24p_firmwaresg300-28psf300-24sg200-26psf200-48psf300-24psg550x-24psg300-28sfpsf302-08mppsf302-08mpsg550x-48sf300-48pp_firmwaresf250-48_firmwaresg250-08_firmwaresf300-24mpsg300-28mp_firmwareesw2-350g52dcsf550x-24mpsx550x-12f_firmwaresf302-08pp_firmwaresg250-50hpsg550x-24mpp_firmwaresf250-48hpsg200-18sg200-50_firmwaresg500x-48_firmwaresg500x-48mpsf300-08_firmwaresg250-26p_firmwaresf200-48_firmwaresx550x-24_firmwaresg300-28sfp_firmwaresg500-28_firmwaresf500-24_firmwaresg250-08hp_firmwaresf500-48mp_firmwaresf300-48_firmwaresf300-24pp_firmwaresg300-28p_firmwareCisco 550X Series Stackable Managed Switches
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2008-0088
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.8||MEDIUM
EPSS-69.06% / 98.66%
||
7 Day CHG~0.00%
Published-12 Feb, 2008 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_2000windows_2003_serverwindows_xpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2103
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.36% / 58.50%
||
7 Day CHG~0.00%
Published-27 Feb, 2014 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-intrusion_prevention_systemn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6686
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.81% / 74.50%
||
7 Day CHG~0.00%
Published-16 Nov, 2013 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6684
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.11% / 29.65%
||
7 Day CHG~0.00%
Published-13 Nov, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web framework on Cisco Wireless LAN Controller (WLC) devices does not properly validate configuration parameters, which allows remote authenticated users to cause a denial of service via a crafted HTTP request, aka Bug ID CSCuh81011.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-wireless_lan_controllern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3595
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-6.8||MEDIUM
EPSS-0.78% / 73.96%
||
7 Day CHG~0.00%
Published-20 Jan, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OpenManage web application 2.5 build 1.19 on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote authenticated users to cause a denial of service (device reset) via a direct request to an unspecified OSPF URL.

Action-Not Available
Vendor-n/aDell Inc.
Product-powerconnect_3524ppowerconnect_3348powerconnect_5324n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1197
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.36% / 58.50%
||
7 Day CHG~0.00%
Published-16 Apr, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0713
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-6.8||MEDIUM
EPSS-0.71% / 72.48%
||
7 Day CHG~0.00%
Published-20 Mar, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request.

Action-Not Available
Vendor-windrivern/a
Product-vxworksn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0255
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.66% / 88.00%
||
7 Day CHG~0.00%
Published-13 Feb, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read.

Action-Not Available
Vendor-n/aThe PostgreSQL Global Development Group
Product-postgresqln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-1000026
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.7||HIGH
EPSS-0.86% / 75.33%
||
7 Day CHG~0.00%
Published-09 Feb, 2018 | 23:00
Updated-05 Aug, 2024 | 12:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0299
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.88% / 75.53%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 11:00
Updated-29 Nov, 2024 | 14:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco NX-OS on the Cisco Nexus 4000 Series Switch could allow an authenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete validation of an SNMP poll request for a specific MIB. An attacker could exploit this vulnerability by sending a specific SNMP poll request to the targeted device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvg10442.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_4001inx-osCisco Nexus 4000 unknown
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0462
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.34% / 56.50%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Enterprise NFV Infrastructure Software Denial of Service Vulnerability

A vulnerability in the user management functionality of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a denial of service (DoS) attack against an affected system. The vulnerability is due to insufficient validation of user-provided input. An attacker could exploit this vulnerability by logging in with a highly privileged user account and performing a sequence of specific user management operations that interfere with the underlying operating system. A successful exploit could allow the attacker to permanently degrade the functionality of the affected system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-enterprise_network_virtualization_softwareCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0291
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.88% / 75.53%
||
7 Day CHG~0.00%
Published-20 Jun, 2018 | 21:00
Updated-29 Nov, 2024 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_56128pnexus_9332pqnexus_3132q-xnexus_93108tc-exnexus_3172tqnx-osnexus_9508nexus_3100-vnexus_3636c-rnexus_93120txnexus_n9k-x9636c-rnexus_93128txnexus_3548-xlnexus_31128pqnexus_6001pnexus_3164qnexus_5020nexus_3172tq-32tnexus_3132c-znexus_3524-xnexus_5548pnexus_5648qnexus_9272qucs_6120xpnexus_5672upnexus_3264qnexus_34180ycnexus_3064-32tnexus_5596upnexus_3548nexus_3132qnexus_3016nexus_9372pxnexus_5696qnexus_92304qcnexus_92160yc-xnexus_n9k-x9636q-rucs_6248upnexus_n9k-c9508-fm-rnexus_9504nexus_3048nexus_9500nexus_3524-xlucs_6324nexus_9396txnexus_7000nexus_3172pqnexus_3064-xucs_6332nexus_3232cnexus_5548upnexus_9396pxucs_6296upnexus_5010nexus_5000nexus_5596tnexus_3264c-enexus_9372txnexus_5624qnexus_3548-xnexus_3132q-xlnexus_3064-tnexus_93180yc-exnexus_6001tucs_6140xpnexus_172tq-xlnexus_c36180yc-rnexus_9236cnexus_9516nexus_3172pq-xlnexus_7700Cisco NX-OS unknown
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0248
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.31% / 54.56%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 21:30
Updated-21 Nov, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Wireless LAN Controller Software GUI Configuration Denial of Service Vulnerabilities

A vulnerability in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an aUTHENTICated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device. The attacker would need to have valid administrator credentials on the device. This vulnerability is due to incomplete input validation for unexpected configuration options that the attacker could submit while accessing the GUI configuration menus. An attacker could exploit these vulnerabilities by authenticating to the device and submitting crafted user input when using the administrative GUI configuration feature. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Software versions prior to 8.3.150.0, 8.5.140.0, 8.8.111.0 are affected by this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-wireless_lan_controller_softwareCisco Wireless LAN Controller (WLC)
CWE ID-CWE-20
Improper Input Validation
CVE-2012-5017
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.36% / 58.50%
||
7 Day CHG~0.00%
Published-23 Apr, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asr_1023_routerasr_1002_fixed_routeriosasr_1002-xasr_1002asr_1001asr_1006asr_1004n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1963
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.88% / 75.53%
||
7 Day CHG~0.00%
Published-28 Aug, 2019 | 18:50
Updated-21 Nov, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_93180lc-exfirepower_4150nexus_56128pnx-osnexus_3636c-r9736pqnexus_7700_supervisor_3en9k-x9732c-fxn9k-c9504-fm-rmds_9506mds_9250inexus_9332cnexus_5020nexus_9336c-fx2x9636q-rnexus_9348gc-fxpmds_9718mds_9148snexus_9500_supervisor_b\+n7k-f306ck-25mds_9513mds_9148tnexus_93180yc-fxmds_9132tfirepower_4140n7k-m348xp-25lfx-osfirepower_9300_with_1_sm-24_modulen9k-x9736c-fxmds_92167700_6-slotn9k-x9736c-exnexus_7000_supervisor_1nexus_3548-x\/xlmds_9216ax96136yc-rn77-f348xp-23nexus_9500_supervisor_b7000_18-slotnexus_3048nexus_93360yc-fx2n9k-c93180yc-fxfirepower_4120n7k-f312fq-25mds_9396tmds_9396sn77-m312cq-26lnexus_5548upn9k-x9788tc-fxn9k-x9564txfirepower_9300_with_1_sm-36_modulenexus_7000_supervisor_2ex9636c-rxn77-f430cq-36n9k-x9464pxmds_9216inexus_5596tnexus_5624q9636pqn9k-x9432c-snexus_93600cd-gxn9k-x9636c-rnexus_93108tc-exnexus_9508nexus_93120tx7000_10-slotfirepower_4110nexus_9316d-gxn9k-c9236cnexus_7000_supervisor_2nexus_3524-x\/xlnexus_6004n9k-x9464tx2n7k-f248xp-25en9k-x96136yc-rn9k-c93180yc-exn77-f324fq-25n9k-x9636q-rnexus_9364cfirepower_9300_with_1_sm-44_modulenexus_7700_supervisor_2e7700_2-slotnexus_5548pnexus_5648q9536pqn9k-c9272qn9k-x9732c-exnexus_93216tc-fx2nexus_36180yc-rnexus_5672upn77-f312ck-26nexus_1000_virtual_edgemds_95097000_4-slotn9k-x9636c-rxmds_9706nexus_9500_supervisor_a\+nexus_5596upn7k-m206fq-23ln9k-x97160yc-exnexus_5696qnexus_92160yc-xnexus_9504n77-m324fq-25lnexus_6001nexus_93108tc-fxn7k-m202cf-22ln9k-c9508-fm-rnexus_9500_supervisor_a7000_9-slotnexus_92300ycx9636c-rfirepower_9300_with_3_sm-44_modulen7k-m324fq-25lnexus_1000v_switchmds_9222inexus_50107700_10-slotn77-m348xp-23l7700_18-slot9432pqnexus_93240yc-fx2n9k-c92160yc-xmds_9710nexus_93180yc-exn9k-c93180lc-exnexus_9516n9k-x9564pxn7k-m224xp-23lnexus_5672up-16gCisco Unified Computing System (Managed)
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6901
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 46.03%
||
7 Day CHG~0.00%
Published-26 Sep, 2016 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ar100ar2200netengine_16exar150ar2500ar500netengine_16ex_firmwarear550ar200ar3200ar120ar_firmwarear3600ar1200n/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found