Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-0413

Summary
Assigner-certcc
Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b
Published At-31 Jan, 2011 | 20:00
Updated At-06 Aug, 2024 | 21:51
Rejected At-
Credits

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:certcc
Assigner Org ID:37e5125f-f79b-445b-8fad-9564f167944b
Published At:31 Jan, 2011 | 20:00
Updated At:06 Aug, 2024 | 21:51
Rejected At:
▼CVE Numbering Authority (CNA)

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0266
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/43006
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0235
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/43354
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
vdb-entry
x_refsource_XF
http://www.osvdb.org/70680
vdb-entry
x_refsource_OSVDB
http://secunia.com/advisories/43104
third-party-advisory
x_refsource_SECUNIA
https://kb.isc.org/article/AA-00456
x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
vendor-advisory
x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2011/0583
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2011/0300
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/43613
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1024999
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/43167
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0256.html
vendor-advisory
x_refsource_REDHAT
http://www.securityfocus.com/bid/46035
vdb-entry
x_refsource_BID
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
vendor-advisory
x_refsource_FEDORA
http://www.isc.org/software/dhcp/advisories/cve-2011-0413
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2011/0400
vdb-entry
x_refsource_VUPEN
http://www.debian.org/security/2011/dsa-2184
vendor-advisory
x_refsource_DEBIAN
http://www.kb.cert.org/vuls/id/686084
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.vupen.com/english/advisories/2011/0266
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/43006
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2011/0235
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/43354
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.osvdb.org/70680
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://secunia.com/advisories/43104
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://kb.isc.org/article/AA-00456
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.vupen.com/english/advisories/2011/0583
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2011/0300
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/43613
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1024999
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/43167
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0256.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.securityfocus.com/bid/46035
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2011/0400
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.debian.org/security/2011/dsa-2184
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.kb.cert.org/vuls/id/686084
Resource:
third-party-advisory
x_refsource_CERT-VN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0266
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/43006
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2011/0235
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/43354
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
vdb-entry
x_refsource_XF
x_transferred
http://www.osvdb.org/70680
vdb-entry
x_refsource_OSVDB
x_transferred
http://secunia.com/advisories/43104
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://kb.isc.org/article/AA-00456
x_refsource_CONFIRM
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.vupen.com/english/advisories/2011/0583
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2011/0300
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/43613
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1024999
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/43167
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0256.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.securityfocus.com/bid/46035
vdb-entry
x_refsource_BID
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.isc.org/software/dhcp/advisories/cve-2011-0413
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2011/0400
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.debian.org/security/2011/dsa-2184
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.kb.cert.org/vuls/id/686084
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0266
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/43006
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0235
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/43354
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.osvdb.org/70680
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://secunia.com/advisories/43104
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://kb.isc.org/article/AA-00456
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0583
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0300
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/43613
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1024999
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/43167
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0256.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.securityfocus.com/bid/46035
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0400
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.debian.org/security/2011/dsa-2184
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/686084
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cret@cert.org
Published At:31 Jan, 2011 | 21:00
Updated At:11 Apr, 2025 | 00:51

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0
cpe:2.3:a:isc:dhcp:4.0:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.0
cpe:2.3:a:isc:dhcp:4.0.0:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.1
cpe:2.3:a:isc:dhcp:4.0.1:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.1
cpe:2.3:a:isc:dhcp:4.0.1:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.1
cpe:2.3:a:isc:dhcp:4.0.1:rc1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:b2:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:b3:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.2
cpe:2.3:a:isc:dhcp:4.0.2:rc1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.3
cpe:2.3:a:isc:dhcp:4.0.3:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.3
cpe:2.3:a:isc:dhcp:4.0.3:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0.3
cpe:2.3:a:isc:dhcp:4.0.3:rc1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.0
cpe:2.3:a:isc:dhcp:4.1.0:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.1
cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1.2
cpe:2.3:a:isc:dhcp:4.1.2:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.0-esv
cpe:2.3:a:isc:dhcp:4.0-esv:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.1-esv
cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:-:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:a1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:a2:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:b1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:b2:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:p1:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>dhcp>>4.2.0
cpe:2.3:a:isc:dhcp:4.2.0:rc1:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.htmlcret@cert.org
Third Party Advisory
http://secunia.com/advisories/43006cret@cert.org
Third Party Advisory
http://secunia.com/advisories/43104cret@cert.org
Third Party Advisory
http://secunia.com/advisories/43167cret@cert.org
Third Party Advisory
http://secunia.com/advisories/43354cret@cert.org
Third Party Advisory
http://secunia.com/advisories/43613cret@cert.org
Third Party Advisory
http://securitytracker.com/id?1024999cret@cert.org
Third Party Advisory
VDB Entry
http://www.debian.org/security/2011/dsa-2184cret@cert.org
Third Party Advisory
http://www.isc.org/software/dhcp/advisories/cve-2011-0413cret@cert.org
Vendor Advisory
http://www.kb.cert.org/vuls/id/686084cret@cert.org
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022cret@cert.org
Third Party Advisory
http://www.osvdb.org/70680cret@cert.org
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0256.htmlcret@cert.org
Third Party Advisory
http://www.securityfocus.com/bid/46035cret@cert.org
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2011/0235cret@cert.org
Permissions Required
http://www.vupen.com/english/advisories/2011/0266cret@cert.org
Permissions Required
http://www.vupen.com/english/advisories/2011/0300cret@cert.org
Permissions Required
http://www.vupen.com/english/advisories/2011/0400cret@cert.org
Permissions Required
http://www.vupen.com/english/advisories/2011/0583cret@cert.org
Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959cret@cert.org
Third Party Advisory
VDB Entry
https://kb.isc.org/article/AA-00456cret@cert.org
Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43006af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43104af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43167af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43354af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43613af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://securitytracker.com/id?1024999af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.debian.org/security/2011/dsa-2184af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.isc.org/software/dhcp/advisories/cve-2011-0413af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.kb.cert.org/vuls/id/686084af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:022af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.osvdb.org/70680af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0256.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/46035af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2011/0235af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2011/0266af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2011/0300af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2011/0400af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2011/0583af854a3a-2127-422b-91ae-364da2661108
Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/64959af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://kb.isc.org/article/AA-00456af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43006
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43104
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43167
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43354
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43613
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://securitytracker.com/id?1024999
Source: cret@cert.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.debian.org/security/2011/dsa-2184
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Source: cret@cert.org
Resource:
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/686084
Source: cret@cert.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://www.osvdb.org/70680
Source: cret@cert.org
Resource:
Broken Link
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0256.html
Source: cret@cert.org
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/46035
Source: cret@cert.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.vupen.com/english/advisories/2011/0235
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0266
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0300
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0400
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0583
Source: cret@cert.org
Resource:
Permissions Required
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
Source: cret@cert.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://kb.isc.org/article/AA-00456
Source: cret@cert.org
Resource:
Vendor Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053644.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43006
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43104
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43167
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43354
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43613
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://securitytracker.com/id?1024999
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.debian.org/security/2011/dsa-2184
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.isc.org/software/dhcp/advisories/cve-2011-0413
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/686084
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:022
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.osvdb.org/70680
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0256.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/46035
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.vupen.com/english/advisories/2011/0235
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0266
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0300
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0400
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2011/0583
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/64959
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://kb.isc.org/article/AA-00456
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

508Records found
CVE-2014-9369
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.25% / 48.27%
||
7 Day CHG~0.00%
Published-07 Mar, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SPC controllers SPC4000, SPC5000, and SPC6000 before 3.6.0 allow remote attackers to cause a denial of service (device restart) via crafted packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-spc6000_firmwarespc4000_firmwarespc5000_firmwarespc6000spc5000spc4000n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-8572
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.06%
||
7 Day CHG~0.00%
Published-02 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions; S7700, S9300, S9300E, S9700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions could allow remote attackers to send a special SSH packet to the VRP device to cause a denial of service.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ac6605s6300s7700_firmwareacus2300s5700s6300_firmwares7700s6700_firmwares5700_firmwares9700_firmwares9300es6700s9700s_series_firmwares5300_firmwareac6605_firmwares9300_firmwares9300e_firmwares9300acu_firmwares3300s5300s3700s2700AC6605,AC6605,ACU,S2300, S3300,S2700, S3700,S5300, S5700,S6300, S6700,S7700, S9300,S9300E, S9700, AC6605 AC6605 V200R001C00, AC6605 V200R002C00,ACU ACU V200R001C00, ACU V200R002C00,S2300, S3300, V100R006C05 and earlier versions,S2700, S3700,S5300, S5700, V100R006,?S6300, S6700 V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions,S7700, S9300, V100R006,S9300E, S9700 V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions,
CWE ID-CWE-20
Improper Input Validation
CVE-2017-7645
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-16.01% / 94.51%
||
7 Day CHG~0.00%
Published-18 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.Linux Kernel Organization, Inc
Product-linux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22699
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.5||HIGH
EPSS-0.55% / 67.02%
||
7 Day CHG~0.00%
Published-26 May, 2021 | 19:19
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP.

Action-Not Available
Vendor-n/a
Product-modicon_m241modicon_m241_firmwaremodicon_m251_firmwaremodicon_m251Modicon M241/M251 logic controllers firmware prior to V5.1.9.1
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1748
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-2.17% / 83.66%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1741
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2055
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.61% / 68.74%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 21:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_security_applianceadaptive_security_appliance_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2056
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 21:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliancepix_security_applianceadaptive_security_appliance_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1747
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-2.17% / 83.66%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-20720
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.07% / 76.88%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 03:00
Updated-05 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ABB Relion 630 devices 1.1 before 1.1.0.C0, 1.2 before 1.2.0.B3, and 1.3 before 1.3.0.A6 allow remote attackers to cause a denial of service (reboot) via a reboot command in an SPA message.

Action-Not Available
Vendor-n/aHitachi Energy Ltd.
Product-relion_630_firmwarerelion_630n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-20335
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.67% / 81.36%
||
7 Day CHG~0.00%
Published-20 Mar, 2020 | 00:11
Updated-05 Aug, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-ac1750rt-ax3000rt-n56rrt-acrh13rt-ac1200gert-ac66urt-ac1200grt-ac66rrt-ac1200rt-n10\+d1rt-ac3200rt-acrh12rt-n600rt-ac68urt-ac5300rt-ax88urt-n56urt-n19rt-ax92urt-ac68pgt-ac2900rt-n10ert-ac86urt-ac56srt-n65urt-ax56urt-ac56urt-n16rt-ac66u-b1rt-n14urt-ac55urt-ax58uasuswrtrt-ac88urt-ac87urt-ac56rrt-n66rrt-g32rt-n66urt-ac51urt-ac1900pgt-ax11000rt-ac3100rt-ac66u_b1rt-ac1750_b1rt-ac1200_v2gt-ac5300n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1746
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-4443
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.98% / 75.80%
||
7 Day CHG~0.00%
Published-18 Oct, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apple OS X before 10.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted ASN.1 data.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-20404
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.04%
||
7 Day CHG~0.00%
Published-26 Dec, 2018 | 20:00
Updated-05 Aug, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system board, is vulnerable to denial of service attack via IOCTL 0x9C402048, which calls memmove and constantly fails on an arbitrary (uncontrollable) address, resulting in an eternal hang or a BSoD.

Action-Not Available
Vendor-viatechn/a
Product-epia-e900_firmwareepia-e900n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2391
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.32% / 53.99%
||
7 Day CHG~0.00%
Published-21 May, 2008 | 10:00
Updated-07 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1.

Action-Not Available
Vendor-codeplexn/a
Product-subsonicn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2061
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-26 Jun, 2008 | 17:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22445
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.90%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 17:39
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22359
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.90%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 12:40
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s5700_firmwares6700_firmwares6700s5700S5700;S6700
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1744
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.04% / 76.56%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_callmanagerunified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1745
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1740
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified "stress test," aka Bug ID CSCsh20972.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-25751
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-3.26% / 86.64%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:07
Updated-03 Aug, 2024 | 04:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.

Action-Not Available
Vendor-Siemens AG
Product-scalance_x308-2m_ts_firmwarescalance_x307-3_firmwarescalance_xr324-12mscalance_x310fescalance_x310fe_firmwarescalance_xr324-4m_eecscalance_x308-2ldscalance_x320-1fe_firmwaresiplus_net_scalance_x308-2scalance_xr324-4m_poe_firmwarescalance_x308-2scalance_x307-2eecscalance_xr324-4m_eec_firmwarescalance_x308-2_firmwarescalance_x304-2fe_firmwarescalance_xr324-12m_ts_firmwarescalance_x306-1ldfe_firmwarescalance_x307-2eec_firmwarescalance_x320-1-2ldfesiplus_net_scalance_x308-2_firmwarescalance_x308-2lh_firmwarescalance_x302-7eec_firmwarescalance_x308-2lhscalance_x307-3ld_firmwarescalance_x310scalance_x320-1-2ldfe_firmwarescalance_xr324-12m_firmwarescalance_x308-2m_poe_firmwarescalance_x308-2lh\+scalance_x310_firmwarescalance_x308-2m_poescalance_x308-2lh\+_firmwarescalance_x308-2ld_firmwarescalance_xr324-12m_tsscalance_x308-2m_tsscalance_x308-2m_firmwarescalance_x320-1fescalance_x408-2scalance_xr324-4m_poescalance_x306-1ldfescalance_x307-3ldscalance_x308-2mscalance_x408-2_firmwarescalance_x307-3scalance_x304-2fescalance_xr324-4m_poe_tsscalance_xr324-4m_poe_ts_firmwarescalance_x302-7eecSCALANCE XR324-12M TS (24V)SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE XR324-12M (230V, ports on rear)SCALANCE X307-2 EEC (2x 24V, coated)SCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE X307-3SCALANCE X308-2MSCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SCALANCE X308-2M PoESCALANCE X310FESCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SCALANCE X308-2LH+SCALANCE X302-7 EEC (24V, coated)SCALANCE X307-2 EEC (230V, coated)SCALANCE X307-3LDSCALANCE X308-2LHSCALANCE XR324-4M EEC (24V, ports on rear)SCALANCE XR324-4M PoE (24V, ports on front)SCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SCALANCE X304-2FESCALANCE X310SCALANCE X307-2 EEC (2x 24V)SCALANCE X307-2 EEC (230V)SCALANCE XR324-12M (24V, ports on front)SCALANCE X320-1 FESCALANCE X302-7 EEC (2x 24V)SCALANCE X306-1LD FESCALANCE X308-2M TSSCALANCE XR324-4M PoE (230V, ports on front)SCALANCE X307-2 EEC (2x 230V)SCALANCE X302-7 EEC (24V)SCALANCE X302-7 EEC (230V, coated)SCALANCE X302-7 EEC (2x 230V, coated)SCALANCE X320-1-2LD FESCALANCE XR324-4M EEC (2x 24V, ports on rear)SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-12M (230V, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-20
Improper Input Validation
CVE-2022-25161
Matching Score-4
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-4
Assigner-Mitsubishi Electric Corporation
CVSS Score-8.6||HIGH
EPSS-0.20% / 42.74%
||
7 Day CHG~0.00%
Published-18 May, 2022 | 16:32
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric Mitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior and versions prior to 1.073, MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 17X**** or later and versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS) with serial number 179**** and prior and versions prior to 1.073, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS versions prior to 1.270, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS) versions prior to 1.030, Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R) versions prior to 1.031 and Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS) version 1.000 allows a remote unauthenticated attacker to cause a DoS condition for the product's program execution or communication by sending specially crafted packets. System reset of the product is required for recovery.

Action-Not Available
Vendor-n/aMitsubishi Electric Corporation
Product-melsec_iq-fx5uc-32mt\/dss-tsmelsec_iq-fx5u-64mr\/esmelsec_iq-fx5u-80mr\/dssmelsec_iq-fx5uc-96mr\/ddsmelsec_iq-fx5uj-40mt\/essmelsec_iq-fx5s-40mr\/ess_firmwaremelsec_iq-fx5uj-40mr\/esmelsec_iq-fx5u-32mr\/dss_firmwaremelsec_iq-fx5uj-60mt\/es-amelsec_iq-fx5uj-24mt\/es-a_firmwaremelsec_iq-fx5uj-40mt\/es_firmwaremelsec_iq-fx5uj-24mt\/es-amelsec_iq-fx5u-80mr\/dss_firmwaremelsec_iq-fx5uc-32mr\/ds-ts_firmwaremelsec_iq-fx5u-64mr\/dsmelsec_iq-fx5s-80mt\/esmelsec_iq-fx5u-64mt\/es_firmwaremelsec_iq-fx5uj-40mt\/es-amelsec_iq-fx5u-32mr\/ess_firmwaremelsec_iq-fx5u-64mt\/ess_firmwaremelsec_iq-fx5s-60mt\/essmelsec_iq-fx5uj-60mr\/es-a_firmwaremelsec_iq-fx5u-80mt\/ess_firmwaremelsec_iq-fx5uc-96mt\/ddsmelsec_iq-fx5uc-64mt\/ds_firmwaremelsec_iq-fx5s-60mr\/es_firmwaremelsec_iq-fx5u-80mt\/esmelsec_iq-fx5uj-60mr\/esmelsec_iq-fx5s-30mr\/esmelsec_iq-fx5uj-24mr\/es-a_firmwaremelsec_iq-fx5u-64mt\/dssmelsec_iq-fx5u-32mt\/es_firmwaremelsec_iq-fx5s-60mt\/es_firmwaremelsec_iq-fx5uj-40mt\/es-a_firmwaremelsec_iq-fx5uc-32mt\/ddsmelsec_iq-fx5s-60mt\/ess_firmwaremelsec_iq-fx5u-80mt\/es_firmwaremelsec_iq-fx5uj-60mt\/essmelsec_iq-fx5uj-60mt\/es_firmwaremelsec_iq-fx5u-32mt\/essmelsec_iq-fx5s-60mr\/essmelsec_iq-fx5uc-96mt\/ds_firmwaremelsec_iq-fx5uj-24mt\/es_firmwaremelsec_iq-fx5s-30mt\/essmelsec_iq-fx5u-64mr\/essmelsec_iq-fx5uc-32mt\/dsmelsec_iq-fx5uj-40mr\/es-a_firmwaremelsec_iq-fx5u-80mr\/dsmelsec_iq-fx5u-32mt\/ess_firmwaremelsec_iq-fx5s-40mr\/esmelsec_iq-fx5s-80mt\/ess_firmwaremelsec_iq-fx5s-40mt\/ess_firmwaremelsec_iq-fx5u-32mr\/ds_firmwaremelsec_iq-fx5uc-32mr\/dsmelsec_iq-fx5uc-32mt\/dds_firmwaremelsec_iq-fx5uc-64mt\/dds_firmwaremelsec_iq-fx5uc-64mt\/dsmelsec_iq-fx5uj-40mr\/ess_firmwaremelsec_iq-fx5s-80mr\/essmelsec_iq-fx5uc-64mr\/dds_firmwaremelsec_iq-fx5uc-64mr\/ds_firmwaremelsec_iq-fx5uj-24mr\/ess_firmwaremelsec_iq-fx5u-80mr\/es_firmwaremelsec_iq-fx5u-64mt\/essmelsec_iq-fx5u-32mt\/dss_firmwaremelsec_iq-fx5s-80mr\/esmelsec_iq-fx5u-64mt\/dss_firmwaremelsec_iq-fx5uj-24mr\/esmelsec_iq-fx5s-30mr\/essmelsec_iq-fx5u-64mt\/ds_firmwaremelsec_iq-fx5u-80mt\/dss_firmwaremelsec_iq-fx5s-30mr\/ess_firmwaremelsec_iq-fx5u-32mt\/dsmelsec_iq-fx5uc-96mr\/ds_firmwaremelsec_iq-fx5uc-64mr\/dsmelsec_iq-fx5uj-60mt\/esmelsec_iq-fx5uc-96mr\/dsmelsec_iq-fx5uj-40mr\/es-amelsec_iq-fx5uj-24mr\/es_firmwaremelsec_iq-fx5uc-32mt\/ds_firmwaremelsec_iq-fx5u-32mr\/esmelsec_iq-fx5u-32mt\/dssmelsec_iq-fx5u-64mr\/ds_firmwaremelsec_iq-fx5s-60mt\/esmelsec_iq-fx5s-40mr\/es_firmwaremelsec_iq-fx5uj-60mr\/es-amelsec_iq-fx5s-30mr\/es_firmwaremelsec_iq-fx5uc-96mt\/dsmelsec_iq-fx5s-40mt\/es_firmwaremelsec_iq-fx5uj-40mr\/es_firmwaremelsec_iq-fx5s-80mt\/essmelsec_iq-fx5uc-32mt\/ds-tsmelsec_iq-fx5u-64mt\/dsmelsec_iq-fx5uj-24mt\/esmelsec_iq-fx5u-32mt\/esmelsec_iq-fx5u-80mr\/ds_firmwaremelsec_iq-fx5uj-40mt\/esmelsec_iq-fx5u-64mr\/es_firmwaremelsec_iq-fx5u-80mr\/essmelsec_iq-fx5uj-60mt\/ess_firmwaremelsec_iq-fx5uj-60mr\/essmelsec_iq-fx5uj-24mt\/essmelsec_iq-fx5s-30mt\/es_firmwaremelsec_iq-fx5u-80mt\/essmelsec_iq-fx5s-40mt\/essmelsec_iq-fx5u-32mr\/essmelsec_iq-fx5uj-24mr\/es-amelsec_iq-fx5u-80mt\/ds_firmwaremelsec_iq-fx5u-64mr\/dss_firmwaremelsec_iq-fx5u-64mr\/ess_firmwaremelsec_iq-fx5s-60mr\/esmelsec_iq-fx5s-80mr\/ess_firmwaremelsec_iq-fx5uj-60mt\/es-a_firmwaremelsec_iq-fx5s-60mr\/ess_firmwaremelsec_iq-fx5s-30mt\/ess_firmwaremelsec_iq-fx5uc-32mr\/ds_firmwaremelsec_iq-fx5u-32mr\/dsmelsec_iq-fx5s-80mr\/es_firmwaremelsec_iq-fx5uj-60mr\/es_firmwaremelsec_iq-fx5uj-40mt\/ess_firmwaremelsec_iq-fx5u-80mr\/ess_firmwaremelsec_iq-fx5u-80mt\/dssmelsec_iq-fx5uc-96mt\/dds_firmwaremelsec_iq-fx5uc-32mr\/ddsmelsec_iq-fx5uc-64mt\/ddsmelsec_iq-fx5uc-64mr\/ddsmelsec_iq-fx5u-80mr\/esmelsec_iq-fx5s-40mr\/essmelsec_iq-fx5s-30mt\/esmelsec_iq-fx5uc-96mr\/dds_firmwaremelsec_iq-fx5u-32mr\/dssmelsec_iq-fx5s-80mt\/es_firmwaremelsec_iq-fx5u-32mt\/ds_firmwaremelsec_iq-fx5uc-32mt\/ds-ts_firmwaremelsec_iq-fx5uj-24mt\/ess_firmwaremelsec_iq-fx5u-64mr\/dssmelsec_iq-fx5u-64mt\/esmelsec_iq-fx5uc-32mt\/dss-ts_firmwaremelsec_iq-fx5u-80mt\/dsmelsec_iq-fx5s-40mt\/esmelsec_iq-fx5u-32mr\/es_firmwaremelsec_iq-fx5uj-60mr\/ess_firmwaremelsec_iq-fx5uc-32mr\/ds-tsmelsec_iq-fx5uc-32mr\/dds_firmwaremelsec_iq-fx5uj-40mr\/essmelsec_iq-fx5uj-24mr\/essMitsubishi Electric MELSEC iQ-F series FX5U-xMy/z(x=32,64,80, y=T,R, z=ES,DS,ESS,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-xMy/z(x=32,64,96, y=T,R, z=D,DSS); Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MT/DSS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UC-32MR/DS-TS; Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/z(x=24,40,60, y=T,R, z=ES,ESS); Mitsubishi Electric MELSEC iQ-F series FX5UJ-xMy/ES-A(x=24,40,60, y=T,R); Mitsubishi Electric MELSEC iQ-F series FX5S-xMy/z(x=30,40,60,80, y=T,R, z=ES,ESS)
CWE ID-CWE-20
Improper Input Validation
CVE-2014-3819
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.69% / 70.92%
||
7 Day CHG~0.00%
Published-11 Jul, 2014 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2159
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.37%
||
7 Day CHG~0.00%
Published-02 May, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCtq78722.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-tandberg_770_mxptelepresence_system_1000_mxptandberg_550_mxptandberg_990_mxptelepresence_system_1700_mxptandberg_2000_mxptelepresence_system_softwaretelepresence_system_edge_85_mxptandberg_880_mxptelepresence_system_codec_3000_mxptelepresence_system_edge_75_mxptelepresence_system_codec_6000_mxptelepresence_system_edge_95_mxpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2158
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-02 May, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45720.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-tandberg_770_mxptelepresence_system_1000_mxptandberg_550_mxptandberg_990_mxptelepresence_system_1700_mxptandberg_2000_mxptelepresence_system_softwaretelepresence_system_edge_85_mxptandberg_880_mxptelepresence_system_codec_3000_mxptelepresence_system_edge_75_mxptelepresence_system_codec_6000_mxptelepresence_system_edge_95_mxpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1245
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-4.29% / 88.41%
||
7 Day CHG~0.00%
Published-10 Mar, 2008 | 17:00
Updated-07 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header.

Action-Not Available
Vendor-n/aBelkin International, Inc.
Product-f5d7230-4n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-16556
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.90%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 16:00
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-2 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-2 DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 417-4 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 V7 (All versions), SIPLUS S7-400 CPU 417-4 V7 (All versions). Specially crafted packets sent to port 102/tcp via Ethernet interface, via PROFIBUS, or via Multi Point Interfaces (MPI) could cause the affected devices to go into defect mode. Manual reboot is required to resume normal operation. Successful exploitation requires an attacker to be able to send specially crafted packets to port 102/tcp via Ethernet interface, via PROFIBUS or Multi Point Interfaces (MPI). No user interaction and no user privileges are required to exploit the security vulnerability. The vulnerability could allow causing a denial of service condition of the core functionality of the CPU, compromising the availability of the system.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-400_pn\/dp_v7_firmwaresimatic_s7-400_firmwaresimatic_s7-400h_v6simatic_s7-400simatic_s7-400_pn\/dp_v7simatic_s7-410_firmwaresimatic_s7-400h_firmwaresimatic_s7-410simatic_s7-400h_v6_firmwaresimatic_s7-400h SIMATIC S7-400 CPU 412-2 DP V7 SIMATIC S7-400 CPU 414F-3 PN/DP V7 SIMATIC S7-400 CPU 416-3 DP V7SIPLUS S7-400 CPU 416-3 PN/DP V7 SIMATIC S7-400 CPU 416F-3 PN/DP V7 SIMATIC S7-400 CPU 416F-2 DP V7 SIMATIC S7-400 CPU 414-2 DP V7SIPLUS S7-400 CPU 416-3 V7SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 417-4 DP V7SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 416-2 DP V7 SIMATIC S7-400 CPU 414-3 PN/DP V7 SIMATIC S7-400 CPU 414-3 DP V7SIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 416-3 PN/DP V7SIPLUS S7-400 CPU 417-4 V7 SIMATIC S7-400 CPU 412-1 DP V7SIMATIC S7-400 CPU 412-2 PN V7
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2112
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.90%
||
7 Day CHG~0.00%
Published-27 Mar, 2014 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP requests, aka Bug ID CSCuf51357.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2108
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.10% / 77.20%
||
7 Day CHG~0.00%
Published-27 Mar, 2014 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2175
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-02 May, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allow remote attackers to cause a denial of service (memory consumption) via crafted H.225 packets, aka Bug ID CSCtq78849.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_tc_softwaretelepresence_te_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-20611
Matching Score-4
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-4
Assigner-Mitsubishi Electric Corporation
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.40%
||
7 Day CHG~0.00%
Published-01 Dec, 2021 | 15:41
Updated-03 Aug, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series R08/16/32/120PSFCPU, MELSEC iQ-R Series R16/32/64MTCPU, MELSEC iQ-R Series R12CCPU-V, MELSEC Q Series Q03UDECPU, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU, MELSEC Q Series Q03/04/06/13/26UDVCPU, MELSEC Q Series Q04/06/13/26UDPVCPU, MELSEC Q Series Q12DCCPU-V, MELSEC Q Series Q24DHCCPU-V(G), MELSEC Q Series Q24/26DHCCPU-LS, MELSEC Q Series MR-MQ100, MELSEC Q Series Q172/173DCPU-S1, MELSEC Q Series Q172/173DSCPU, MELSEC Q Series Q170MCPU, MELSEC Q Series Q170MSCPU(-S1), MELSEC L Series L02/06/26CPU(-P), MELSEC L Series L26CPU-(P)BT and MELIPC Series MI5122-VW allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.

Action-Not Available
Vendor-Mitsubishi Electric Corporation
Product-melsec_q03udvcpumelsec_iq-r_r16_cpumelsec_q03udecpumelsec_q173dcpu-s1_firmwaremelsec_iq-r_r08_sfcpu_firmwaremelsec_q03udvcpu_firmwaremelsec_iq-r_r08_pcpu_firmwaremelsec_iq-r_r16_cpu_firmwaremelsec_q170mscpu\(-s1\)melsec_iq-r_r32_pcpu_firmwaremelsec_iq-r_r08_pcpumelsec_q10udecpumelsec_l06cpu\(-p\)_firmwaremelsec_iq-r_r32_sfcpumelipc_mi5122-vwmelsec_iq-r_r32_mtcpu_firmwaremelsec_iq-r_r32_mtcpumelsec_q26udvcpumelsec_q172dscpu_firmwaremelsec_q172dcpu-s1melsec_q26dhccpu-lsmelsec_iq-r_r120_sfcpu_firmwaremelsec_iq-r_r02_cpumelipc_mi5122-vw_firmwaremelsec_iq-r_r01_cpu_firmwaremelsec_iq-r_r64_mtcpu_firmwaremelsec_q06udvcpu_firmwaremelsec_l26cpu\(-p\)melsec_q06udecpu_firmwaremelsec_iq-r_r16_pcpu_firmwaremelsec_q170mcpumelsec_iq-r_r16_mtcpumelsec_q06udecpumelsec_q13udpvcpu_firmwaremelsec_iq-r_r08_cpumelsec_iq-r_r04_cpu_firmwaremelsec_iq-r_r00_cpu_firmwaremelsec_q13udvcpumelsec_q170mcpu_firmwaremelsec_q04udvcpu_firmwaremelsec_q04udpvcpumelsec_q13udecpumelsec_iq-r_r16_sfcpu_firmwaremelsec_q06udvcpumelsec_q173dcpu-s1melsec_q100udecpu_firmwaremelsec_q10udecpu_firmwaremelsec_q12dccpu-v_firmwaremelsec_iq-r_r01_cpumelsec_iq-r_r32_cpu_firmwaremelsec_iq-r_r16_mtcpu_firmwaremelsec_q170mscpu\(-s1\)_firmwaremelsec_iq-r_r02_cpu_firmwaremelsec_q24dhccpu-v\(g\)_firmwaremelsec_q13udecpu_firmwaremelsec_iq-r_r04_pcpumelsec_q26udvcpu_firmwaremelsec_q13udpvcpumelsec_mr-mq100melsec_iq-r_r120_pcpumelsec_q24dhccpu-ls_firmwaremelsec_iq-r_r08_cpu_firmwaremelsec_iq-r_r04_pcpu_firmwaremelsec_q26udpvcpu_firmwaremelsec_iq-r_r64_mtcpumelsec_q04udpvcpu_firmwaremelsec_iq-r_r08_sfcpumelsec_q172dscpumelsec_iq-r_r32_cpumelsec_l02cpu\(-p\)melsec_q26udecpumelsec_q06udpvcpumelsec_q20udecpu_firmwaremelsec_iq-r_r32_sfcpu_firmwaremelsec_q24dhccpu-v\(g\)melsec_l06cpu\(-p\)melsec_mr-mq100_firmwaremelsec_q04udecpumelsec_q13udvcpu_firmwaremelsec_l02cpu\(-p\)_firmwaremelsec_q100udecpumelsec_q06udpvcpu_firmwaremelsec_q172dcpu-s1_firmwaremelsec_q20udecpumelsec_iq-r_r16_pcpumelsec_iq-r_r12_ccpu-vmelsec_iq-r_r12_ccpu-v_firmwaremelsec_iq-r_r120_sfcpumelsec_q04udecpu_firmwaremelsec_iq-r_r04_cpumelsec_iq-r_r00_cpumelsec_l26cpu\(-p\)_firmwaremelsec_q173dscpu_firmwaremelsec_q50udecpu_firmwaremelsec_iq-r_r16_sfcpumelsec_q173dscpumelsec_iq-r_r32_pcpumelsec_iq-r_r120_cpumelsec_q12dccpu-vmelsec_l26cpu-\(p\)btmelsec_q26dhccpu-ls_firmwaremelsec_q04udvcpumelsec_q50udecpumelsec_q26udecpu_firmwaremelsec_q03udecpu_firmwaremelsec_q24dhccpu-lsmelsec_l26cpu-\(p\)bt_firmwaremelsec_iq-r_r120_cpu_firmwaremelsec_iq-r_r120_pcpu_firmwaremelsec_q26udpvcpuMELSEC Q Series Q100UDEHCPUMELSEC L Series L06CPU-PMELSEC iQ-R Series R120PSFCPUMELSEC iQ-R Series R16MTCPUMELSEC iQ-R Series R32PSFCPUMELSEC L Series L02CPU-PMELSEC iQ-R Series R04ENCPUMELSEC iQ-R Series R120PCPUMELSEC iQ-R Series R120SFCPUMELSEC iQ-R Series R16PCPUMELSEC iQ-R Series R32SFCPUMELSEC iQ-R Series R64MTCPUMELSEC Q Series Q24DHCCPU-V MELSEC Q Series Q173DCPU-S1MELSEC Q Series Q170MSCPUMELSEC Q Series Q50UDEHCPUMELSEC Q Series Q173DSCPUMELSEC iQ-R Series R08PSFCPUMELSEC iQ-R Series R16SFCPUMELSEC iQ-R Series R16CPUMELSEC L Series L06CPUMELSEC iQ-R Series R16PSFCPUMELSEC Q Series Q04UDPVCPUMELSEC iQ-R Series R04CPUMELSEC iQ-R Series R32MTCPUMELSEC iQ-R Series R32PCPUMELSEC iQ-R Series R01CPUMELSEC Q Series Q06UDEHCPUMELSEC Q Series Q13UDEHCPUMELSEC Q Series Q20UDEHCPUMELIPC Series MI5122-VWMELSEC iQ-R Series R08CPUMELSEC Q Series MR-MQ100MELSEC iQ-R Series R00CPUMELSEC iQ-R Series R08PCPUMELSEC Q Series Q06UDPVCPUMELSEC Q Series Q04UDVCPUMELSEC Q Series Q170MSCPU-S1MELSEC L Series L26CPU-BTMELSEC iQ-R Series R32CPUMELSEC Q Series Q24DHCCPU-LSMELSEC Q Series Q170MCPUMELSEC Q Series Q13UDVCPUMELSEC L Series L26CPUMELSEC Q Series Q26DHCCPU-LSMELSEC iQ-R Series R120CPUMELSEC iQ-R Series R02CPUMELSEC Q Series Q12DCCPU-VMELSEC Q Series Q26UDEHCPUMELSEC Q Series Q06UDVCPUMELSEC iQ-R Series R120ENCPUMELSEC Q Series Q172DSCPUMELSEC Q Series Q26UDVCPUMELSEC L Series L02CPUMELSEC Q Series Q03UDVCPUMELSEC iQ-R Series R08ENCPUMELSEC Q Series Q26UDPVCPUMELSEC L Series L26CPU-PBTMELSEC iQ-R Series R32ENCPUMELSEC iQ-R Series R16ENCPUMELSEC Q Series Q03UDECPUMELSEC Q Series Q172DCPU-S1MELSEC iQ-R Series R08SFCPUMELSEC L Series L26CPU-PMELSEC Q Series Q04UDEHCPUMELSEC iQ-R Series R12CCPU-VMELSEC Q Series Q13UDPVCPUMELSEC Q Series Q24DHCCPU-VGMELSEC Q Series Q10UDEHCPU
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2161
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.37%
||
7 Day CHG~0.00%
Published-02 May, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45731.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-tandberg_770_mxptelepresence_system_1000_mxptandberg_550_mxptandberg_990_mxptelepresence_system_1700_mxptandberg_2000_mxptelepresence_system_softwaretelepresence_system_edge_85_mxptandberg_880_mxptelepresence_system_codec_3000_mxptelepresence_system_edge_75_mxptelepresence_system_codec_6000_mxptelepresence_system_edge_95_mxpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2113
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.10% / 77.20%
||
7 Day CHG~0.00%
Published-27 Mar, 2014 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2160
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.37%
||
7 Day CHG~0.00%
Published-02 May, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45745.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-tandberg_770_mxptelepresence_system_1000_mxptandberg_550_mxptandberg_990_mxptelepresence_system_1700_mxptandberg_2000_mxptelepresence_system_softwaretelepresence_system_edge_85_mxptandberg_880_mxptelepresence_system_codec_3000_mxptelepresence_system_edge_75_mxptelepresence_system_codec_6000_mxptelepresence_system_edge_95_mxpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1402
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.21% / 44.03%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 17:15
Updated-08 Nov, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability

A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-isa_3000firepower_1010firepower_1140firepower_2120firepower_2130firepower_1120firepower_2110asa_5515-xfirepower_2140asa_5545-xfirepower_threat_defense_virtualasa_5555-xasa_5525-xfirepower_1150asa_5512-xfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2166
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-02 May, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP implementation in Cisco TelePresence TC Software 4.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCto70562.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_tc_softwaretelepresence_te_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6133
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.65% / 69.84%
||
7 Day CHG~0.00%
Published-21 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_dnsbig-ip_application_security_managerbig-ip_advanced_firewall_managerbig-ip_local_traffic_managerbig-ip_application_acceleration_managerbig-ip_websafebig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_analyticsbig-ip_access_policy_managerBIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1279
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.60% / 68.38%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 19:56
Updated-12 Nov, 2024 | 20:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Denial of Service Vulnerabilities

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100b_routervedge_cloud_routersd-wan_vbond_orchestratorvedge_5000_routervedge_100_routersd-wan_firmwareios_xe_sd-wanvedge_2000_routersd-wan_vsmart_controller_firmwarevedge_100wm_routercatalyst_sd-wan_managervedge_1000_routervedge_100m_routerCisco SD-WAN Solution
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2165
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-02 May, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtq72699.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_te_softwaretelepresence_tc_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-15453
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.29% / 51.68%
||
7 Day CHG~0.00%
Published-10 Jan, 2019 | 18:00
Updated-19 Nov, 2024 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability

A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause an affected device to corrupt system memory. A successful exploit could cause the filtering process to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to improper input validation of S/MIME-signed emails. An attacker could exploit this vulnerability by sending a malicious S/MIME-signed email through a targeted device. If Decryption and Verification or Public Key Harvesting is configured, the filtering process could crash due to memory corruption and restart, resulting in a DoS condition. The software could then resume processing the same S/MIME-signed email, causing the filtering process to crash and restart again. A successful exploit could allow the attacker to cause a permanent DoS condition. This vulnerability may require manual intervention to recover the ESA.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-email_security_appliance_firmwareCisco Email Security Appliance (ESA)
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-2106
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.70% / 81.51%
||
7 Day CHG~0.00%
Published-27 Mar, 2014 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-3817
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.83% / 73.57%
||
7 Day CHG~0.00%
Published-11 Jul, 2014 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 on SRX Series devices, when NAT protocol translation from IPv4 to IPv6 is enabled, allows remote attackers to cause a denial of service (flowd hang or crash) via a crafted packet.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-srx5600srx240srx3600srx220srx5800srx1400srx650srx3400srx100junossrx110srx210srx550n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-3815
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.69% / 70.92%
||
7 Day CHG~0.00%
Published-11 Jul, 2014 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D10 on SRX Series devices allows remote attackers to cause a denial of service (flowd crash) via a crafted SIP packet.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-srx5600srx240srx3600srx220srx5800srx1400srx650srx3400srx100junossrx110srx210srx550n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-15369
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.19% / 40.75%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability

A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of crafted TACACS+ response packets by the affected software. An attacker could exploit this vulnerability by injecting a crafted TACACS+ packet into an existing TACACS+ session between an affected device and a TACACS+ server or by impersonating a known, valid TACACS+ server and sending a crafted TACACS+ packet to an affected device when establishing a connection to the device. To exploit this vulnerability by using either method, the attacker must know the shared TACACS+ secret and the crafted packet must be sent in response to a TACACS+ request from a TACACS+ client. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosCisco IOS Software
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2163
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.49%
||
7 Day CHG~0.00%
Published-02 May, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_tc_softwaretelepresence_te_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-1271
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.30% / 53.13%
||
7 Day CHG~0.00%
Published-14 Mar, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CoreCapture in Apple iOS before 7.1 and Apple TV before 6.1 does not properly validate IOKit API calls, which allows attackers to cause a denial of service (assertion failure and device crash) via a crafted app.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_ostvosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1158
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.59%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presence_serverunified_presencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-6573
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.62% / 68.97%
||
7 Day CHG~0.00%
Published-28 Dec, 2007 | 21:00
Updated-07 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QK SMTP Server 3 allows remote attackers to cause a denial of service (daemon crash) via a long (1) HELO, (2) MAIL FROM, or (3) RCPT TO command; or (4) a long string in the message sent after the DATA command; possibly a related issue to CVE-2006-5551.

Action-Not Available
Vendor-qksoftn/a
Product-qk_smtp_server_3n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2744
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-7.8||HIGH
EPSS-2.32% / 84.16%
||
7 Day CHG~0.00%
Published-11 Apr, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cause a denial of service (resource consumption) via compressed XML elements in an XMPP stream, aka an "xmppbomb" attack.

Action-Not Available
Vendor-lightwitchprosodyn/a
Product-metronomeprosodyn/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 10
  • 11
  • Next
Details not found