Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-0413

Summary
Assigner-certcc
Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b
Published At-31 Jan, 2011 | 20:00
Updated At-06 Aug, 2024 | 21:51
Rejected At-
Credits

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:certcc
Assigner Org ID:37e5125f-f79b-445b-8fad-9564f167944b
Published At:31 Jan, 2011 | 20:00
Updated At:06 Aug, 2024 | 21:51
Rejected At:
▼CVE Numbering Authority (CNA)

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0266
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/43006
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0235
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/43354
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
vdb-entry
x_refsource_XF
http://www.osvdb.org/70680
vdb-entry
x_refsource_OSVDB
http://secunia.com/advisories/43104
third-party-advisory
x_refsource_SECUNIA
https://kb.isc.org/article/AA-00456
x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
vendor-advisory
x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2011/0583
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2011/0300
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/43613
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1024999
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/43167
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0256.html
vendor-advisory
x_refsource_REDHAT
http://www.securityfocus.com/bid/46035
vdb-entry
x_refsource_BID
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
vendor-advisory
x_refsource_FEDORA
http://www.isc.org/software/dhcp/advisories/cve-2011-0413
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2011/0400
vdb-entry
x_refsource_VUPEN
http://www.debian.org/security/2011/dsa-2184
vendor-advisory
x_refsource_DEBIAN
http://www.kb.cert.org/vuls/id/686084
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.vupen.com/english/advisories/2011/0266
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/43006
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2011/0235
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/43354
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.osvdb.org/70680
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://secunia.com/advisories/43104
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://kb.isc.org/article/AA-00456
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.vupen.com/english/advisories/2011/0583
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2011/0300
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/43613
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1024999
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/43167
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0256.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.securityfocus.com/bid/46035
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2011/0400
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.debian.org/security/2011/dsa-2184
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.kb.cert.org/vuls/id/686084
Resource:
third-party-advisory
x_refsource_CERT-VN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0266
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/43006
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2011/0235
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/43354
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
vdb-entry
x_refsource_XF
x_transferred
http://www.osvdb.org/70680
vdb-entry
x_refsource_OSVDB
x_transferred
http://secunia.com/advisories/43104
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://kb.isc.org/article/AA-00456
x_refsource_CONFIRM
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.vupen.com/english/advisories/2011/0583
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2011/0300
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/43613
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1024999
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/43167
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0256.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.securityfocus.com/bid/46035
vdb-entry
x_refsource_BID
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.isc.org/software/dhcp/advisories/cve-2011-0413
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2011/0400
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.debian.org/security/2011/dsa-2184
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.kb.cert.org/vuls/id/686084
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0266
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/43006
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0235
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/43354
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.osvdb.org/70680
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://secunia.com/advisories/43104
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://kb.isc.org/article/AA-00456
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0583
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0300
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/43613
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1024999
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/43167
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0256.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.securityfocus.com/bid/46035
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0400
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.debian.org/security/2011/dsa-2184
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/686084
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cret@cert.org
Published At:31 Jan, 2011 | 21:00
Updated At:11 Apr, 2025 | 00:51

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0
cpe:2.3:a:isc:dhcp:4.0:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.0
cpe:2.3:a:isc:dhcp:4.0.0:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.1
cpe:2.3:a:isc:dhcp:4.0.1:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.1
cpe:2.3:a:isc:dhcp:4.0.1:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.1
cpe:2.3:a:isc:dhcp:4.0.1:rc1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:b2:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:b3:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:rc1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.3
cpe:2.3:a:isc:dhcp:4.0.3:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.3
cpe:2.3:a:isc:dhcp:4.0.3:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.3
cpe:2.3:a:isc:dhcp:4.0.3:rc1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.0
cpe:2.3:a:isc:dhcp:4.1.0:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.2
cpe:2.3:a:isc:dhcp:4.1.2:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0-esv
cpe:2.3:a:isc:dhcp:4.0-esv:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1-esv
cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:a1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:a2:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:b2:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:p1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:rc1:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.htmlcret@cert.org
Third Party Advisory
http://secunia.com/advisories/43006cret@cert.org
Third Party Advisory
http://secunia.com/advisories/43104cret@cert.org
Third Party Advisory
http://secunia.com/advisories/43167cret@cert.org
Third Party Advisory
http://secunia.com/advisories/43354cret@cert.org
Third Party Advisory
http://secunia.com/advisories/43613cret@cert.org
Third Party Advisory
http://securitytracker.com/id?1024999cret@cert.org
Third Party Advisory
VDB Entry
http://www.debian.org/security/2011/dsa-2184cret@cert.org
Third Party Advisory
http://www.isc.org/software/dhcp/advisories/cve-2011-0413cret@cert.org
Vendor Advisory
http://www.kb.cert.org/vuls/id/686084cret@cert.org
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022cret@cert.org
Third Party Advisory
http://www.osvdb.org/70680cret@cert.org
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0256.htmlcret@cert.org
Third Party Advisory
http://www.securityfocus.com/bid/46035cret@cert.org
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2011/0235cret@cert.org
Permissions Required
http://www.vupen.com/english/advisories/2011/0266cret@cert.org
Permissions Required
http://www.vupen.com/english/advisories/2011/0300cret@cert.org
Permissions Required
http://www.vupen.com/english/advisories/2011/0400cret@cert.org
Permissions Required
http://www.vupen.com/english/advisories/2011/0583cret@cert.org
Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959cret@cert.org
Third Party Advisory
VDB Entry
https://kb.isc.org/article/AA-00456cret@cert.org
Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43006af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43104af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43167af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43354af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43613af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://securitytracker.com/id?1024999af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.debian.org/security/2011/dsa-2184af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.isc.org/software/dhcp/advisories/cve-2011-0413af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.kb.cert.org/vuls/id/686084af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.osvdb.org/70680af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0256.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/46035af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2011/0235af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2011/0266af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2011/0300af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2011/0400af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2011/0583af854a3a-2127-422b-91ae-364da2661108
Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://kb.isc.org/article/AA-00456af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43006
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43104
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43167
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43354
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43613
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://securitytracker.com/id?1024999
Source: cret@cert.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.debian.org/security/2011/dsa-2184
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Source: cret@cert.org
Resource:
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/686084
Source: cret@cert.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://www.osvdb.org/70680
Source: cret@cert.org
Resource:
Broken Link
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0256.html
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/46035
Source: cret@cert.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.vupen.com/english/advisories/2011/0235
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0266
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0300
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0400
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0583
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
Source: cret@cert.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://kb.isc.org/article/AA-00456
Source: cret@cert.org
Resource:
Vendor Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43006
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43104
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43167
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43354
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43613
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://securitytracker.com/id?1024999
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.debian.org/security/2011/dsa-2184
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/686084
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.osvdb.org/70680
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0256.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/46035
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.vupen.com/english/advisories/2011/0235
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0266
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0300
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0400
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0583
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://kb.isc.org/article/AA-00456
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

508Records found
CVE-2016-1481
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.76% / 72.35%
||
7 Day CHG~0.00%
Published-28 Oct, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter that contains certain rules. More Information: CSCux59873. Known Affected Releases: 8.5.6-106 9.1.0-032 9.7.0-125. Known Fixed Releases: 9.1.1-038 9.7.1-066.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_applianceCisco AsyncOS through 9.7.0-125
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1483
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.57%
||
7 Day CHG~0.00%
Published-19 Sep, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-webex_meetings_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1478
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.74% / 72.04%
||
7 Day CHG~0.00%
Published-08 Aug, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP packets, which allows remote attackers to cause a denial of service (interface wedge) by sending many crafted NTP packets, aka Bug ID CSCva35619.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1744
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.04% / 76.56%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_callmanagerunified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-10703
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.52% / 80.53%
||
7 Day CHG~0.00%
Published-14 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A regular expression Denial of Service (DoS) vulnerability in the file lib/ecstatic.js of the ecstatic npm package, before version 2.0.0, allows a remote attacker to overload and crash a server by passing a maliciously crafted string.

Action-Not Available
Vendor-ecstatic_projectn/a
Product-ecstaticn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-11031
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.39%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 13:42
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. AntService allows a system_server crash and reboot. The Samsung ID is SVE-2016-7044 (November 2016).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1303
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.98%
||
7 Day CHG~0.00%
Published-30 Jan, 2016 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-sf500-48p500_series_switch_firmwaresg500-28sg500-52sf500-24psg500-52mpsg500x-24sg500x-48sg500-52psg500-28psg500-28mppsg500x-24psg500x-48psg500xg-8f8tsf500-48sf500-24n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1336
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-31.81% / 96.66%
||
7 Day CHG~0.00%
Published-03 Jul, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

goform/Docsis_system on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long LanguageSelect parameter, related to a "Gateway HTTP Corruption Denial of Service" issue, aka Bug ID CSCuy28100.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-epc3928epc3928_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1745
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1740
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified "stress test," aka Bug ID CSCsh20972.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1263
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.61% / 68.70%
||
7 Day CHG~0.00%
Published-09 Sep, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9-S1, 14.1 before 14.1R7, 14.2 before 14.2R6, 15.1 before 15.1F2-S5, 15.1F4 before 15.1F4-S2, 15.1R before 15.1R2-S3, 15.1 before 15.1R3, and 15.1X49 before 15.1X49-D40 allow remote attackers to cause a denial of service (kernel crash) via a crafted UDP packet destined to the interface IP address of a 64-bit OS device.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1479
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.68% / 70.66%
||
7 Day CHG~0.00%
Published-22 Aug, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IP Phone 8800 devices with software 11.0(1) allow remote attackers to cause a denial of service (memory corruption) via a crafted HTTP request, aka Bug ID CSCuz03038.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ip_phone_8800_series_firmwareip_phone_8800n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1268
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.56% / 67.24%
||
7 Day CHG~0.00%
Published-15 Apr, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-screenosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1380
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.28%
||
7 Day CHG~0.00%
Published-25 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a crafted HTTP POST request, aka Bug ID CSCuo12171.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-web_security_appliancen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1382
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.49% / 64.37%
||
7 Day CHG-0.76%
Published-25 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (proxy-process reload) via a crafted request, aka Bug ID CSCuu02529.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-web_security_applianceweb_security_appliance_\(wsa\)n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1351
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.83% / 82.18%
||
7 Day CHG~0.00%
Published-26 Mar, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosnx-osn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1328
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-23.20% / 95.72%
||
7 Day CHG~0.00%
Published-03 Jul, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of Service" issue, aka Bug ID CSCux24948.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-epc3928epc3928_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1245
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-4.29% / 88.41%
||
7 Day CHG~0.00%
Published-10 Mar, 2008 | 17:00
Updated-07 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header.

Action-Not Available
Vendor-n/aBelkin International, Inc.
Product-f5d7230-4n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-8702
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.6||HIGH
EPSS-0.76% / 72.28%
||
7 Day CHG~0.00%
Published-12 Apr, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service (netsplit) via an invalid character in a PTR response, as demonstrated by a "\032" (whitespace) character in a hostname.

Action-Not Available
Vendor-inspircdn/aDebian GNU/Linux
Product-debian_linuxinspircdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-41788
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.55% / 66.92%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:18
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7603emt7622_firmwaremt7628mt7612mt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7629mt7915_firmwaremt7612_firmwaremt7613mt7615_firmwaremt7613_firmwaremt7622mt7915n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7686
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.03% / 76.36%
||
7 Day CHG~0.00%
Published-03 Oct, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associated with nested comments. NOTE: the default configuration in 1.908 mitigates this vulnerability but misparses certain realistic comments.

Action-Not Available
Vendor-email-address_projectn/a
Product-email-addressn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1158
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presence_serverunified_presencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6849
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.8||HIGH
EPSS-1.01% / 76.23%
||
7 Day CHG~0.00%
Published-05 Dec, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-networkern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7749
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.47% / 63.71%
||
7 Day CHG~0.00%
Published-19 Oct, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PFE daemon in Juniper vSRX virtual firewalls with Junos OS before 15.1X49-D20 allows remote attackers to cause a denial of service via an unspecified connection request to the "host-OS."

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6282
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.41% / 60.57%
||
7 Day CHG~0.00%
Published-25 Sep, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS before 3.13.3S, and 3.14.xS through 3.15.xS before 3.15.1S allows remote attackers to cause a denial of service (device reload) via IPv4 packets that require NAT and MPLS actions, aka Bug ID CSCut96933.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-6573
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.62% / 68.97%
||
7 Day CHG~0.00%
Published-28 Dec, 2007 | 21:00
Updated-07 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QK SMTP Server 3 allows remote attackers to cause a denial of service (daemon crash) via a long (1) HELO, (2) MAIL FROM, or (3) RCPT TO command; or (4) a long string in the message sent after the DATA command; possibly a related issue to CVE-2006-5551.

Action-Not Available
Vendor-qksoftn/a
Product-qk_smtp_server_3n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6279
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.58% / 67.94%
||
7 Day CHG~0.00%
Published-28 Sep, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6291
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.10% / 77.11%
||
7 Day CHG~0.00%
Published-06 Nov, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email Security Appliance (ESA) devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-match, and attachment-dictionary-match filtering, which allows remote attackers to cause a denial of service (memory consumption) via a crafted attachment in an e-mail message, aka Bug ID CSCuv47151.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_appliancen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6260
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.02%
||
7 Day CHG~0.00%
Published-03 Mar, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645.

Action-Not Available
Vendor-n/aCisco Systems, Inc.Zyxel Networks Corporation
Product-nexus_5596upgs1900-10hp_firmwarenexus_5672upnexus_5548pnexus_5648qnexus_5696qnexus_5548upnexus_5596tnexus_5624qnexus_56128pn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6278
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.58% / 67.94%
||
7 Day CHG~0.00%
Published-28 Sep, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ID CSCus19794.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-0534
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-3.79% / 87.61%
||
7 Day CHG~0.00%
Published-22 May, 2008 | 10:00
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device restart or daemon outage) via a high rate of login attempts, aka Bug ID CSCsi68582.

Action-Not Available
Vendor-icon-labsn/aCisco Systems, Inc.
Product-service_control_engineiconfidant_sshn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-0526
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-15 Feb, 2008 | 01:00
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a long ICMP echo request (ping) packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-session_initiation_protocol_\(sip\)_firmwareskinny_client_control_protocol_\(sccp\)_firmwareunified_ip_phonen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-5091
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-2.61% / 85.08%
||
7 Day CHG~0.00%
Published-15 Jul, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to cause a denial of service via invalid data.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readermacosacrobat_dcwindowsacrobatn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3913
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.04%
||
7 Day CHG~0.00%
Published-08 Jun, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s5720his5700si_firmwares7700_firmwares2300s2750ei_firmwares12700_firmwares5300ei_firmwares7700s5700hi_firmwares5300hi_firmwares5720hi_firmwares9700_firmwares6700ei_firmwares2700_firmwares5700his9300_firmwares5300lis2350ei_firmwares5700li_firmwares3300s5700ei_firmwares5300li_firmwares3700s2300_firmwares2750eis5700eis3300_firmwares12700s5710his6300eis6300ei_firmwares2350eis9700s5700sis5300eis5300sis6700eis5700lis5710hi_firmwares9300s5300si_firmwares3700_firmwares5300his2700n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-6372
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.43% / 84.53%
||
7 Day CHG~0.00%
Published-15 Dec, 2007 | 01:00
Updated-07 Aug, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session flapping.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37004
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:25
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2007-6010
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.62% / 68.97%
||
7 Day CHG~0.00%
Published-15 Nov, 2007 | 23:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in pioneers (formerly gnocatan) 0.11.3 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933.

Action-Not Available
Vendor-pioneersn/a
Product-pioneersn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37026
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:23
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37005
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:24
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37008
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:22
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37017
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:24
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37003
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:23
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5557
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.46% / 63.09%
||
7 Day CHG~0.00%
Published-18 Oct, 2007 | 20:00
Updated-17 Sep, 2024 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the NEC mobile handset allows remote attackers to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Action-Not Available
Vendor-n/aNEC Corporation
Product-mobile_handsetn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2055
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-20.91% / 95.41%
||
7 Day CHG~0.00%
Published-23 Feb, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to cause a denial of service via a long string in the oldpassword parameter.

Action-Not Available
Vendor-zhone_technologiesn/a
Product-gpon_2520gpon_2520_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5830
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.66% / 70.16%
||
7 Day CHG~0.00%
Published-05 Nov, 2007 | 19:00
Updated-07 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to "input validation."

Action-Not Available
Vendor-n/aAvaya LLC
Product-message_networkingmessaging_storage_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5462
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.23% / 83.84%
||
7 Day CHG~0.00%
Published-15 Oct, 2007 | 22:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5984
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-17.35% / 94.79%
||
7 Day CHG~0.00%
Published-15 Nov, 2007 | 00:00
Updated-07 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via a %00 sequence in the dir parameter to index.php, which triggers an erroneous "recursive calculation."

Action-Not Available
Vendor-justin_hagstromn/a
Product-autoindex_php_scriptn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2177
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-50.64% / 97.76%
||
7 Day CHG~0.00%
Published-07 Mar, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_s7-300_cpusimatic_s7-300_cpu_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34570
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-0.45% / 62.54%
||
7 Day CHG~0.00%
Published-27 Sep, 2021 | 08:25
Updated-16 Sep, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Phoenix Contact: DoS for PLCnext Control devices in versions prior to 2021.0.5 LTS

Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through special crafted JSON requests.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-axc_f_2152axc_f_1152_firmwareaxc_f_2152_starterkitaxc_f_2152_firmwareaxc_f_1152rfc_4072s_firmwareplcnext_technology_starterkit_firmwarerfc_4072saxc_f_3152axc_f_2152_starterkit_firmwareaxc_f_3152_firmwareplcnext_technology_starterkitRFCAXC FPLCnext
CWE ID-CWE-20
Improper Input Validation
CVE-2015-0644
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-2.86% / 85.73%
||
7 Day CHG~0.00%
Published-26 Mar, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via a crafted TCP packet, aka Bug ID CSCuo53622.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xen/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 10
  • 11
  • Next
Details not found